CWE-638 - Not Using Complete Mediation

Description: The product does not perform access checks on a resource every time the resource is accessed by an entity, which can create resultant weaknesses if that entity's rights or privileges change over time.

Common Consequences: Scope: Integrity, Confidentiality, Availability, Access Control, Other
Impact: Gain Privileges or Assume Identity, Execute Unauthorized Code or Commands, Bypass Protection Mechanism, Read Application Data, Other
Notes: A user might retain access to a critical resource even after privileges have been revoked, possibly allowing access to privileged functionality or sensitive information, depending on the role of the resource.

Related Weaknesses

CWE-657Violation of Secure Design Principles