Base · Incomplete

CWE-842: Placement of User into Incorrect Group

Category: other

Description

The product or the administrator places a user into an incorrect group. If the incorrect group has more access or privileges than the intended group, the user might be able to bypass intended security policy to access unexpected resources or perform unexpected actions. The access-control system might not be able to detect malicious usage of this group membership.
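
An added example, not part of the CWE entry: a role-to-group assignment that fails open beside one that fails closed, plus an audit that compares actual memberships with the intended ones, so that a wrong placement is caught even when the access-control system itself sees nothing unusual. The role names, group names, privilege ranks and sample users are all hypothetical.

```python
# Added illustration; role names, group names and privilege ranks are hypothetical.
ROLE_TO_GROUP = {"intern": "readers", "engineer": "developers", "sre": "admins"}
GROUP_RANK = {"readers": 0, "developers": 1, "admins": 2}  # higher = more privilege


def group_for_role_weak(role):
    # Weak form: an unrecognised or mistyped role silently falls through
    # to the most privileged group, which is the CWE-842 outcome.
    return ROLE_TO_GROUP.get(role, "admins")


def group_for_role(role):
    # Hardened form: exact match against the mapping, fail closed otherwise.
    try:
        return ROLE_TO_GROUP[role]
    except KeyError:
        raise ValueError(f"unknown role {role!r}; refusing to assign a group")


def audit_memberships(intended_roles, actual_groups):
    """Compare each user's actual groups with the single group their role allows.

    Returns a sorted list of (user, group, finding) where finding is
    'excess-privilege', 'unexpected-group' or 'unknown-user'.
    """
    findings = []
    for user, groups in actual_groups.items():
        role = intended_roles.get(user)
        if role is None:
            findings.extend((user, g, "unknown-user") for g in groups)
            continue
        expected = group_for_role(role)
        for g in groups:
            if g == expected:
                continue
            # Groups absent from GROUP_RANK are treated as highest risk.
            more = GROUP_RANK.get(g, float("inf")) > GROUP_RANK[expected]
            findings.append((user, g, "excess-privilege" if more else "unexpected-group"))
    return sorted(findings)


# Constructed sample data.
INTENDED = {"alice": "engineer", "bob": "intern", "carol": "sre"}
ACTUAL = {"alice": {"developers"}, "bob": {"readers", "admins"},
          "carol": {"developers"}, "mallory": {"admins"}}

if __name__ == "__main__":
    for row in audit_memberships(INTENDED, ACTUAL):
        print(row)
```

Run on a schedule against the directory's real membership export, the audit gives an independent record of placements that the access-control system would treat as legitimate.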

Common consequences · 1

  • Access Control — Gain Privileges or Assume Identity

References

  1. https://cwe.mitre.org/data/definitions/842.html

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

  • CWE: Incorrect User Management
  • CWE: Incorrect Privilege Assignment
  • CWE: Incorrect Execution-Assigned Permissions
  • CWE: Incorrect Authorization
  • CWE: Improper Authorization
  • CWE: Improper Access Control

Sourced from MITRE CWE 4.20. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.