logo

CWE-269 - Improper Privilege Management

CWE-269 Medium

  • Abstraction:
  • Class
  • Structure:
  • Simple
  • Status:
  • Draft
Weakness Name

Improper Privilege Management

Description

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

Common Consequences

Scope: Access Control

Impact: Gain Privileges or Assume Identity

Related Weaknesses
  • Release Date:
  • 2006-07-19
  • Latest Modification Date:
  • 2024-07-16

Free security scan for your website