CWE-264 Individual Dictionary Definition (Draft 9)

| Category ID | 264 (Category) |
|---|---|
| Status | Incomplete |
| Description | Summary: Weaknesses in this category are related to the management of permissions, privileges, and other security features that are used to perform access control. |
| Potential Mitigations | Follow the principle of least privilege when assigning access rights to entities in a software system. |
| Relationships | |
| Source Taxonomies | PLOVER - Permissions, Privileges, and ACLs |
| Applicable Platforms | All |

Related Attack Patterns

| CAPEC-ID | Attack Pattern Name |
|---|---|
| 35 | Leverage Executable Code in Nonexecutable Files |
| 17 | Accessing, Modifying or Executing Executable Files |
| 76 | Manipulating Input to File System Calls |
| 58 | Restful Privilege Elevation |
| 5 | Analog In-band Switching Signals (aka Blue Boxing) |
| 69 | Target Programs with Elevated Privileges |