CWE-280 - Improper Handling of Insufficient Permissions or Privileges

CWE-280

Abstraction:
Base

Structure:
Simple

Status:
Draft

Weakness Name: Improper Handling of Insufficient Permissions or Privileges

Description: The product does not handle or incorrectly handles when it has insufficient privileges to access resources or functionality as specified by their permissions. This may cause it to follow unexpected code paths that may leave the product in an invalid state.

Common Consequences: Scope: Other
Impact: Other, Alter Execution Logic

Related Weaknesses: CWE-755Improper Handling of Exceptional ConditionsMedium

Release Date:
2006-07-19

Latest Modification Date:
2023-06-29

Free security scan for your website

Don't show website scan report rating on the leaderboard