CWE-266 - Incorrect Privilege Assignment
CWE-266
- Abstraction:
- Base
- Structure:
- Simple
- Status:
- Draft
- Weakness Name
Incorrect Privilege Assignment
- Description
A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.
- Common Consequences
Scope: Access Control
Impact: Gain Privileges or Assume Identity
Notes: A user can access restricted functionality and/or sensitive information that may include administrative functionality and user accounts.
- Related Weaknesses
- Release Date:
- 2006-07-19
- Latest Modification Date:
- 2023-06-29
Free security scan for your website