CWE Individual Dictionary Definition (2.10)
CWE-269: Improper Privilege Management

Weakness ID: 269
Abstraction: Base
Status: Incomplete
+ Description

Description Summary

The software does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.
+ Time of Introduction
  • Architecture and Design
  • Implementation
  • Operation
+ Applicable Platforms

Languages

All

+ Common Consequences
Scope | Effect
Access Control | Technical Impact: Gain privileges / assume identity

+ Likelihood of Exploit

Medium

+ Observed Examples
  • Terminal privileges are not reset when a user logs out.
  • Does not properly pass security context to child processes in certain cases, allowing privilege escalation.
  • Does not properly compute roles.
+ Potential Mitigations

Phases: Architecture and Design; Operation

Very carefully manage the setting, management, and handling of privileges. Explicitly manage trust zones in the software.

Phase: Architecture and Design

Strategy: Separation of Privilege

Follow the principle of least privilege when assigning access rights to entities in a software system.

Phase: Architecture and Design

Strategy: Separation of Privilege

Consider following the principle of separation of privilege. Require multiple conditions to be met before permitting access to a system resource.
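
As an added illustration of the permanent privilege drop these mitigations (and the "Dropping Privileges Permanently" chapter cited under References) call for, the C code below is not part of the CWE entry: it clears supplementary groups, then the gid, then the uid, in that order, and verifies that the real, effective and saved ids all changed and that uid 0 cannot be regained. It assumes Linux (setresuid/setresgid/setgroups); the fallback target id 65534 is an assumption ("nobody" on many systems).

```c
#define _GNU_SOURCE
#include <grp.h>
#include <stdio.h>
#include <unistd.h>

/* Permanently drop to uid/gid. Returns 0 on success, -1 on failure. Order matters:
 * groups and gid must change while still uid 0, because afterwards those calls fail. */
int drop_privileges_permanently(uid_t uid, gid_t gid) {
    if (geteuid() == 0 && setgroups(0, NULL) != 0)   /* clear supplementary groups */
        return -1;
    /* Real, effective AND saved ids: a drop that leaves the saved id at 0
     * (e.g. seteuid alone) is not permanent, the process can switch back. */
    if (setresgid(gid, gid, gid) != 0)
        return -1;
    if (setresuid(uid, uid, uid) != 0)
        return -1;
    return 0;
}

/* Check that the drop took effect and cannot be undone: all three uids and
 * gids equal the target, and an attempt to become uid 0 again is refused. */
int privileges_dropped(uid_t uid, gid_t gid) {
    uid_t ru, eu, su; gid_t rg, eg, sg;
    if (getresuid(&ru, &eu, &su) != 0 || getresgid(&rg, &eg, &sg) != 0)
        return 0;
    if (ru != uid || eu != uid || su != uid)
        return 0;
    if (rg != gid || eg != gid || sg != gid)
        return 0;
    if (uid != 0 && setresuid(0, 0, 0) == 0)     /* climbing back worked: not dropped */
        return 0;
    return 1;
}

/* Drop to an unprivileged id when started as root (65534 is an assumption); otherwise
 * re-apply the current ids, which still exercises the ordering and the verification. */
int demo(void) {
    uid_t uid = getuid(); gid_t gid = getgid();
    if (uid == 0) { uid = 65534; gid = 65534; }
    if (drop_privileges_permanently(uid, gid) != 0)
        return -1;
    return privileges_dropped(uid, gid) ? 0 : -2;
}

int main(void) {
    int rc = demo();
    printf("privilege drop %s (rc=%d)\n", rc == 0 ? "verified" : "FAILED", rc);
    return rc != 0;
}
```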

+ Weakness Ordinalities
Ordinality | Description
Primary | (where the weakness exists independent of other weaknesses)
+ Relationships
Nature | Type | ID | Name | View(s) this relationship pertains to
ChildOf | Category | 265 | Privilege / Sandbox Issues | Development Concepts (699)
ChildOf | Weakness Class | 284 | Improper Access Control | Development Concepts (primary) (699); Research Concepts (primary) (1000)
ChildOf | Category | 901 | SFP Primary Cluster: Privilege | Software Fault Pattern (SFP) Clusters (primary) (888)
ParentOf | Weakness Class | 250 | Execution with Unnecessary Privileges | Research Concepts (1000)
ParentOf | Weakness Base | 266 | Incorrect Privilege Assignment | Research Concepts (primary) (1000)
ParentOf | Weakness Base | 267 | Privilege Defined With Unsafe Actions | Research Concepts (primary) (1000)
ParentOf | Weakness Base | 268 | Privilege Chaining | Research Concepts (primary) (1000)
ParentOf | Weakness Base | 270 | Privilege Context Switching Error | Development Concepts (primary) (699); Research Concepts (primary) (1000)
ParentOf | Weakness Class | 271 | Privilege Dropping / Lowering Errors | Research Concepts (primary) (1000)
ParentOf | Weakness Base | 274 | Improper Handling of Insufficient Privileges | Research Concepts (1000)
ParentOf | Weakness Base | 648 | Incorrect Use of Privileged APIs | Research Concepts (primary) (1000)
+ Causal Nature

Explicit

+ Taxonomy Mappings
Mapped Taxonomy Name | Node ID | Fit | Mapped Node Name
PLOVER | | | Privilege Management Error
+ References
[REF-17] Michael Howard, David LeBlanc and John Viega. "24 Deadly Sins of Software Security". "Sin 16: Executing Code With Too Much Privilege." Page 243. McGraw-Hill. 2010.
[REF-7] Mark Dowd, John McDonald and Justin Schuh. "The Art of Software Security Assessment". Chapter 9, "Dropping Privileges Permanently", Page 479. 1st Edition. Addison Wesley. 2006.
+ Maintenance Notes

The relationships between privileges, permissions, and actors (e.g. users and groups) need further refinement within the Research view. One complication is that these concepts apply to two different pillars, related to control of resources (CWE-664) and protection mechanism failures (CWE-396).

+ Content History
Submissions
Submission Date | Submitter | Organization | Source
 | PLOVER | | Externally Mined

Modifications
Modification Date | Modifier | Organization | Source
2008-07-01 | Eric Dalci | Cigital | External
  updated Time_of_Introduction
2008-09-08 | CWE Team | | Internal
  Moved this entry higher up in the Research view.
2008-09-08 | CWE Content Team | MITRE | Internal
  updated Description, Maintenance_Notes, Name, Relationships, Taxonomy_Mappings, Weakness_Ordinalities
2009-05-27 | CWE Content Team | MITRE | Internal
  updated Name
2009-12-28 | CWE Content Team | MITRE | Internal
  updated Potential_Mitigations
2010-06-21 | CWE Content Team | MITRE | Internal
  updated Potential_Mitigations
2011-03-29 | CWE Content Team | MITRE | Internal
  updated Description, Relationships
2011-06-01 | CWE Content Team | MITRE | Internal
  updated Common_Consequences
2012-05-11 | CWE Content Team | MITRE | Internal
  updated References, Relationships
2012-10-30 | CWE Content Team | MITRE | Internal
  updated Potential_Mitigations
2013-02-21 | CWE Content Team | MITRE | Internal
  updated Potential_Mitigations

Previous Entry Names
Change Date | Previous Entry Name
2008-09-09 | Privilege Management Error
2009-05-27 | Insecure Privilege Management

Page Last Updated: January 18, 2017