CWE-863

GPTKB entity

Statements (25)
Predicate Object
gptkbp:instanceOf gptkb:Common_Weakness_Enumeration
gptkbp:affectedResource APIs
gptkbp:affectedResource Web applications
gptkbp:affectedResource Software systems
gptkbp:category Authorization
gptkbp:consequence Unauthorized access
gptkbp:consequence Privilege escalation
gptkbp:consequence Availability violation
gptkbp:consequence Confidentiality violation
gptkbp:consequence Integrity violation
gptkbp:describes The software does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action.
gptkbp:hasCWE 863
https://www.w3.org/2000/01/rdf-schema#label CWE-863
gptkbp:introducedIn CWE 4.0
gptkbp:likelihoodOfExploit High
gptkbp:mitigatedBy Implement proper authorization checks for all sensitive actions and resources.
gptkbp:name Incorrect Authorization
gptkbp:partOf gptkb:CWE
gptkbp:relatedTo gptkb:CWE-862
gptkbp:relatedTo CWE-285
gptkbp:status Active
gptkbp:weakness gptkb:Base
gptkbp:bfsParent gptkb:CWE-352
gptkbp:bfsParent gptkb:Broken_Access_Control
gptkbp:bfsLayer 6