CWE-276β€”Incorrect Default Permissions

PUBLISHEDweakness recordMedium
released 2006-07-19 Β· last modified 2026-01-21
CWE-276 - Incorrect Default Permissions - Diagram

Metadata

CWE ID:
CWE-276
Abstraction:
Base
Structure:
Simple
Status:
Draft
Release Date:
2006-07-19
Latest Modification Date:
2026-01-21

Weakness Name

Incorrect Default Permissions

Description

During installation, installed file permissions are set to allow anyone to modify those files.

Common Consequences

Scope:
Confidentiality, Integrity
Impact:
Read Application Data, Modify Application Data

Related Weaknesses