CWE-269 - Improper Privilege Management
- 摘要:Class
- 结构:Simple
- 状态:Draft
- 发布日期:2006-07-19
- 更新日期:2026-04-30
名称
Improper Privilege Management
描述
The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.
常见后果
范围:Access Control
影响:Gain Privileges or Assume Identity