logo

CWE-270 - Privilege Context Switching Error

CWE-270

  • Abstraction:
  • Base
  • Structure:
  • Simple
  • Status:
  • Draft
Weakness Name

Privilege Context Switching Error

Description

The product does not properly manage privileges while it is switching between different contexts that have different privileges or spheres of control.

Common Consequences

Scope: Access Control

Impact: Gain Privileges or Assume Identity

Notes: A user can assume the identity of another user with separate privileges in another context. This will give the user unauthorized access that may allow them to acquire the access information of other users.

Related Weaknesses
  • Release Date:
  • 2006-07-19
  • Latest Modification Date:
  • 2023-06-29

Free security scan for your website