CWE-285 Individual Dictionary Definition (Draft 9)

| Field | Content |
|---|---|
| Weakness ID | 285 (Weakness Base) |
| Status | Draft |
| Description | Summary: The software does not perform access control checks in a consistent manner across all potential execution paths. |
| Potential Mitigations | For web applications, make sure that the access control mechanism is enforced correctly at the server side on every page. Users should not be able to access any information that they are not authorized for by simply requesting direct access to that page. Ensure that all pages containing sensitive information are not cached, and that all such pages restrict access to requests that are accompanied by an active and authenticated session token associated with a user who has the required permissions to access that page. |
| Context Notes | For web applications, attackers can issue a request directly to a page (URL) that they may not be authorized to access. If the access control policy is not consistently enforced on every page restricted to authorized users, then an attacker could gain access to and possibly corrupt these resources. |
| Relationships | |
| Source Taxonomies | 7 Pernicious Kingdoms - Missing Access Control |
| Applicable Platforms | All |

Related Attack Patterns

| CAPEC-ID | Attack Pattern Name |
|---|---|
| 1 | Accessing Functionality Not Properly Constrained by ACLs |
| 13 | Subverting Environment Variable Values |
| 60 | Reusing Session IDs (aka Session Replay) |
| 51 | Poison Web Service Registry |
| 17 | Accessing, Modifying or Executing Executable Files |
| 45 | Buffer Overflow via Symbolic Links |
| 39 | Manipulating Opaque Client-based Data Tokens |
| 76 | Manipulating Input to File System Calls |
| 77 | Manipulating User-Controlled Variables |
| 59 | Session Credential Falsification through Prediction |
| 87 | Forceful Browsing |
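The mitigation above, shown as an added example that is not part of the CWE entry: a per-handler check that was forgotten on one route (the inconsistency CWE-285 describes) beside a single server-side dispatcher that checks the session token and required permission on every route and marks sensitive responses non-cacheable. The session store, route names and permission strings are constructed for illustration.

```python
"""Constructed example: consistent server-side access control (CWE-285)."""

# Constructed session store: token -> (user, granted permissions).
SESSIONS = {
    "tok-alice": ("alice", {"reports:read"}),
    "tok-bob": ("bob", set()),
}

# Every sensitive route declares the permission it needs. A route missing
# from this map is denied by default, so a forgotten entry cannot open a hole.
ROUTE_PERMISSIONS = {
    "/reports": "reports:read",
    "/reports/export": "reports:read",
}

def render_report(user):
    return 200, f"report for {user}"

def export_report(user):
    return 200, f"csv for {user}"

HANDLERS = {"/reports": render_report, "/reports/export": export_report}

def insecure_dispatch(path, session_token):
    """Inconsistent: /reports checks the session, /reports/export forgot to."""
    session = SESSIONS.get(session_token)
    user = session[0] if session else None
    if path == "/reports":
        if not session or "reports:read" not in session[1]:
            return 403, "forbidden", {}
        return (*render_report(user), {})
    if path == "/reports/export":
        return (*export_report(user), {})  # no check: direct request succeeds
    return 404, "not found", {}

def dispatch(path, session_token):
    """Consistent: one check runs before any handler, whatever the path."""
    headers = {"Cache-Control": "no-store"}  # sensitive pages are never cached
    session = SESSIONS.get(session_token)
    if session is None:
        return 401, "authentication required", headers
    user, perms = session
    handler = HANDLERS.get(path)
    if handler is None:
        return 404, "not found", headers
    required = ROUTE_PERMISSIONS.get(path)
    if required is None or required not in perms:
        return 403, "forbidden", headers
    status, body = handler(user)
    return status, body, headers
```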