CWE-863 - Incorrect Authorization

  • Abstraction: Class
  • Structure: Simple
  • Status: Incomplete
  • Published: 2011-06-01
  • Last updated: 2025-12-11

Name

Incorrect Authorization

Description

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.

Common Consequences

Scope: Confidentiality

Impact: Read Application Data, Read Files or Directories

Note: An attacker could bypass intended access restrictions to read sensitive data, either by reading the data directly from a data store that is not correctly restricted, or by accessing insufficiently-protected, privileged functionality to read the data.

Scope: Integrity

Impact: Modify Application Data, Modify Files or Directories

Note: An attacker could bypass intended access restrictions to modify sensitive data, either by writing the data directly to a data store that is not correctly restricted, or by accessing insufficiently-protected, privileged functionality to write the data.

Scope: Access Control

Impact: Gain Privileges or Assume Identity, Bypass Protection Mechanism

Note: An attacker could bypass intended access restrictions to gain privileges by modifying or reading critical data directly, or by accessing privileged functionality.

Scope: Confidentiality, Integrity, Availability

Impact: Execute Unauthorized Code or Commands

Note: An attacker could use elevated privileges to execute unauthorized commands or code.

Scope: Availability

Impact: DoS: Crash, Exit, or Restart; DoS: Resource Consumption (CPU); DoS: Resource Consumption (Memory); DoS: Resource Consumption (Other)

Note: An attacker could gain unauthorized access to resources on the system and excessively consume those resources, leading to a denial of service.

Related CWEs