Class · Incomplete

CWE-286: Incorrect User Management

Category: other

Description

The product does not properly manage a user within its environment. Users can be assigned to the wrong group (class) of permissions, resulting in unintended access rights to sensitive objects.

Common consequences · 1

  • Other — Varies by Context

References

  1. https://cwe.mitre.org/data/definitions/286.html

(incoming) · 4

Type           Target           Confidence  Tier
Vulnerability  CVE-2025-59943   0%          live
Vulnerability  CVE-2025-64725   0%          live
Vulnerability  CVE-2025-7972    0%          live
Vulnerability  CVE-2026-35638   0%          live

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

  • CWE: Improper Privilege Management
  • CWE: Improper Access Control
  • CWE: Exposure of Sensitive System Information to an Unauthorized Control Sphere
  • CWE: Improper Authorization
  • CWE: Incorrect Privilege Assignment
  • CWE: Insufficient Granularity of Access Control

Sourced from MITRE CWE 4.20. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.