CWE-708 - Incorrect Ownership Assignment
CWE-708
- Abstraction:
- Base
- Structure:
- Simple
- Status:
- Incomplete
- Weakness Name
Incorrect Ownership Assignment
- Description
The product assigns an owner to a resource, but the owner is outside of the intended control sphere.
This may allow the resource to be manipulated by actors outside of the intended control sphere.
- Common Consequences
Scope: Confidentiality, Integrity
Impact: Read Application Data, Modify Application Data
Notes: An attacker could read and modify data for which they do not have permissions to access directly.
- Related Weaknesses
- Release Date:
- 2008-09-09
- Latest Modification Date:
- 2023-06-29
Free security scan for your website