CWE-286βIncorrect User Management
PUBLISHEDweakness record
released 2006-07-19 Β· last modified 2025-12-11
Metadata
Weakness Name
Incorrect User Management
Description
The product does not properly manage a user within its environment.
Users can be assigned to the wrong group (class) of permissions resulting in unintended access rights to sensitive objects.