CWE-267Privilege Defined With Unsafe Actions

PUBLISHEDweakness record
released 2006-07-19 · last modified 2025-12-11

Metadata

CWE ID:
CWE-267
摘要:
Base
结构:
Simple
状态:
Incomplete
发布日期:
2006-07-19
更新日期:
2025-12-11

名称

Privilege Defined With Unsafe Actions

描述

A particular privilege, role, capability, or right can be used to perform unsafe actions that were not intended, even when it is assigned to the correct entity.

常见后果

范围:
Access Control
影响:
Gain Privileges or Assume Identity
注释:
A user can access restricted functionality and/or sensitive information that may include administrative functionality and user accounts.

相关 CWE