CWE-272 - Least Privilege Violation
- Abstraction:Base
- Structure:Simple
- Status:Incomplete
- Release Date:2006-07-19
- Latest Modification Date:2023-06-29
Weakness Name
Least Privilege Violation
Description
The elevated privilege level required to perform operations such as chroot() should be dropped immediately after the operation is performed.
Common Consequences
Scope: Access Control, Confidentiality
Impact: Gain Privileges or Assume Identity, Read Application Data, Read Files or Directories
Notes: An attacker may be able to access resources with the elevated privilege that could not be accessed with the attacker's original privileges. This is particularly likely in conjunction with another flaw, such as a buffer overflow.
