CWE-269 (Improper Privilege Management)
GPTKB entity
Statements (21)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf |
gptkb:Common_Weakness_Enumeration
|
| gptkbp:category |
Security Weakness
|
| gptkbp:cause |
Unauthorized access
Privilege escalation Security bypass |
| gptkbp:citation |
https://cwe.mitre.org/data/definitions/269.html
|
| gptkbp:describes |
A weakness where software does not properly assign, manage, or check privileges for users or processes.
|
| gptkbp:foundIn |
gptkb:software
Web applications Operating systems |
| https://www.w3.org/2000/01/rdf-schema#label |
CWE-269 (Improper Privilege Management)
|
| gptkbp:mitigatedBy |
Enforce least privilege principle
Use role-based access control Validate privilege assignments |
| gptkbp:name |
Improper Privilege Management
|
| gptkbp:part_of |
CWE Top 25 (various years)
|
| gptkbp:related_CWE |
CWE-266 (Incorrect Privilege Assignment)
CWE-272 (Least Privilege Violation) |
| gptkbp:vulnerableTo |
gptkb:CWE-269
|
| gptkbp:bfsParent |
gptkb:Common_Weakness_Enumeration_(CWE)
|
| gptkbp:bfsLayer |
7
|