logo
Home/CWEs/CWE-689/

CWE-689 - Permission Race Condition During Resource Copy

  • Abstraction:Compound
  • Structure:Composite
  • Status:Draft
  • Release Date:2008-04-11
  • Latest Modification Date:2023-06-29

Weakness Name

Permission Race Condition During Resource Copy

Description

The product, while copying or cloning a resource, does not set the resource's permissions or access control until the copy is complete, leaving the resource exposed to other spheres while the copy is taking place.

Common Consequences

Scope: Confidentiality, Integrity

Impact: Read Application Data, Modify Application Data

Related Weaknesses

CWE-362Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')Medium

CWE-732Incorrect Permission Assignment for Critical ResourceHigh