Statements (26)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf |
gptkb:Common_Weakness_Enumeration
|
| gptkbp:category |
Security weakness
|
| gptkbp:cause |
Unauthorized access
Privilege escalation |
| gptkbp:describedBy |
gptkb:Common_Weakness_Enumeration
|
| gptkbp:describes |
The software does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control.
|
| gptkbp:example |
Improperly allowing a user to access admin functions
|
| gptkbp:foundIn |
Web applications
Operating systems Software applications |
| https://www.w3.org/2000/01/rdf-schema#label |
CWE-269
|
| gptkbp:maintainedBy |
gptkb:MITRE_Corporation
|
| gptkbp:mitigatedBy |
Enforce least privilege
Use proper access control checks |
| gptkbp:name |
Improper Privilege Management
|
| gptkbp:referencedIn |
https://cwe.mitre.org/data/definitions/269.html
|
| gptkbp:relatedTo |
CWE-266
CWE-250 CWE-272 |
| gptkbp:vulnerableTo |
269
|
| gptkbp:bfsParent |
gptkb:CVE-2021-34527
gptkb:CVE-2021-36958 gptkb:CWE gptkb:CVE-2020-0915 gptkb:CVE-2020-1036 |
| gptkbp:bfsLayer |
7
|