BaseDraft

CWE-283Unverified Ownership

Category: other

Description

The product does not properly verify that a critical resource is owned by the proper entity.

Common consequences· 1

  • Access Control — Gain Privileges or Assume Identity
    An attacker could gain unauthorized access to system resources.

Potential mitigations· 2

  • [Architecture and Design, Operation]Very carefully manage the setting, management, and handling of privileges. Explicitly manage trust zones in the software.
  • [Architecture and Design]Consider following the principle of separation of privilege. Require multiple conditions to be met before permitting access to a system resource.

References

  1. https://cwe.mitre.org/data/definitions/283.html

(incoming)1

TypeTargetConfidenceTier
VulnerabilityCVE-2026-26016cve-2026-260160%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CWE
Improper Ownership Management
CWE
Incorrect Ownership Assignment
CWE
Improper Access Control
CWE
Improper Authorization
CWE
Missing Authentication for Critical Function
CWE
Missing Authorization
Sourced from MITRE CWE 4.20. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.