CWE-862 (Missing Authorization)
GPTKB entity
Statements (21)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf |
gptkb:Common_Weakness_Enumeration
|
| gptkbp:category |
Security Weakness
|
| gptkbp:consequence |
Privilege escalation
Data exposure Unauthorized access to sensitive resources |
| gptkbp:describes |
The software does not perform an authorization check when a user attempts to access a resource or perform an action.
|
| gptkbp:externalLink |
https://cwe.mitre.org/data/definitions/862.html
|
| gptkbp:foundIn |
APIs
Web applications Mobile applications |
| gptkbp:hasVersion |
CWE 4.12
|
| gptkbp:mitigatedBy |
Implement proper authorization checks for all sensitive actions and resources
|
| gptkbp:name |
Missing Authorization
|
| gptkbp:relatedTo |
CWE-285 (Improper Authorization)
CWE-863 (Incorrect Authorization) |
| gptkbp:status |
Active
|
| gptkbp:vulnerableTo |
gptkb:CWE-862
|
| gptkbp:weakness |
gptkb:Base
|
| gptkbp:bfsParent |
gptkb:Common_Weakness_Enumeration_(CWE)
|
| gptkbp:bfsLayer |
7
|
| https://www.w3.org/2000/01/rdf-schema#label |
CWE-862 (Missing Authorization)
|