BaseDraft

CWE-281Improper Preservation of Permissions

Category: authz

Description

The product does not preserve permissions or incorrectly preserves permissions when copying, restoring, or sharing objects, which can cause them to have less restrictive permissions than intended.

Common consequences· 1

  • Confidentiality / Integrity — Read Application Data, Modify Application Data

References

  1. https://cwe.mitre.org/data/definitions/281.html

(incoming)8

TypeTargetConfidenceTier
VulnerabilityCVE-2025-24337cve-2025-243370%live
VulnerabilityCVE-2025-25711cve-2025-257110%live
VulnerabilityCVE-2025-25871cve-2025-258710%live
VulnerabilityCVE-2025-34298cve-2025-342980%live
VulnerabilityCVE-2025-43698cve-2025-436980%live
VulnerabilityCVE-2026-35385cve-2026-353850%live
VulnerabilityCVE-2026-44832cve-2026-448320%live
KEVEntryMicrosoft Windows Search Remote Code Execution Vulnerabilitykev-cve-2017-85430%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CWE
Permission Race Condition During Resource Copy
CWE
Improper Ownership Management
CWE
Incorrect Execution-Assigned Permissions
CWE
Improper Handling of Insufficient Permissions or Privileges
CWE
Insecure Preserved Inherited Permissions
CWE
Improper Privilege Management
Sourced from MITRE CWE 4.20. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.