CWE-266: Incorrect Privilege Assignment
Description
A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.
Submission Date: 2006-07-19
Modification Date: 2023-06-29
Organization: MITRE
Example - 1
The following C code raises its effective user ID to root, does some work, and then lowers the effective user ID back to the real user ID. A privilege change like this is evidence that the program holds, and temporarily assigns itself, more privilege than the surrounding code needs. Note also that seteuid(getuid()) changes only the effective ID: in a setuid-root program the saved set-user-ID stays 0, so the process can regain root at any later point.

    seteuid(0);
    /* do some stuff */
    seteuid(getuid());
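As an added example that is not part of the CWE entry, the following Linux C program puts the Example 1 pattern beside a privilege drop that is irrevocable and verified. It assumes the Linux/BSD setresuid, setresgid and getresuid calls, uses 65534 as the conventional "nobody" uid/gid when started as root, and the helper names (temporary_drop, permanent_drop, drop_is_irrevocable) are illustrative.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <grp.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* The pattern from Example 1: raise to root, work, then lower only the
 * *effective* uid.  The saved set-user-ID is still 0 afterwards, so a later
 * seteuid(0) succeeds: the privilege was never really given up. */
static int temporary_drop(void) {
    if (seteuid(0) != 0)          /* only succeeds in a setuid-root or root process */
        return -1;
    /* do some stuff */
    return seteuid(getuid());     /* effective uid lowered, saved uid still 0 */
}

/* Hardened: assign exactly the identity the rest of the program should have
 * and make the drop irrevocable by setting real, effective and saved IDs
 * together.  Groups are changed first, while the process can still do so. */
static int permanent_drop(uid_t uid, gid_t gid) {
    if (getuid() == 0 || geteuid() == 0) {
        if (setgroups(0, NULL) != 0)         /* clear supplementary groups */
            return -1;
    }
    if (setresgid(gid, gid, gid) != 0)       /* real, effective and saved gid */
        return -1;
    if (setresuid(uid, uid, uid) != 0)       /* real, effective and saved uid */
        return -1;
    return 0;
}

/* Verify the drop rather than trusting it: all three uids must equal the
 * target, and an attempt to regain root must be refused (EPERM). */
static int drop_is_irrevocable(uid_t uid) {
    uid_t r, e, s;
    if (getresuid(&r, &e, &s) != 0)
        return 0;
    if (r != uid || e != uid || s != uid)
        return 0;
    if (uid != 0 && seteuid(0) == 0)   /* must fail; if it succeeds we are still privileged */
        return 0;
    return 1;
}

/* Target identity: as root, drop to nobody (65534, an assumption of this
 * example); as an ordinary user, lock in the caller's own ids. */
static uid_t target_uid(void) { return getuid() == 0 ? (uid_t)65534 : getuid(); }
static gid_t target_gid(void) { return getgid() == 0 ? (gid_t)65534 : getgid(); }

int main(void) {
    uid_t uid = target_uid();
    gid_t gid = target_gid();
    if (permanent_drop(uid, gid) != 0) {
        perror("permanent_drop");
        return 1;
    }
    int ok = drop_is_irrevocable(uid);
    printf("privileges irrevocably dropped to uid %u: %s\n",
           (unsigned)uid, ok ? "yes" : "NO");
    return ok ? 0 : 1;
}
```

Run it as an unprivileged user and it simply locks the current identity in; run it as root (or as a setuid-root binary) and it drops to 65534 and confirms that seteuid(0) is refused afterwards. The check in drop_is_irrevocable is the part the Example 1 code lacks: it proves that the privilege assignment is what the author intended.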
Example - 2
The following Java code marks a block as privileged. Inside AccessController.doPrivileged(...), the code runs with the permissions of its own protection domain rather than being limited by the permissions of every caller on the stack, so the block should contain only the minimal operation that needs the privilege (here, loading a native library) and must not act on caller-controlled input.

    AccessController.doPrivileged(new PrivilegedAction() {
        public Object run() {
            // privileged code goes here, for example:
            System.loadLibrary("awt");
            // nothing to return
            return null;
        }
    });
Example - 3
This application sends a special intent with a flag that allows the receiving application to read a data file for backup purposes:

    Intent intent = new Intent();
    intent.setAction("com.example.BackupUserData");
    intent.setData(file_uri);
    intent.addFlags(Intent.FLAG_GRANT_READ_URI_PERMISSION);
    sendBroadcast(intent);

Any malicious application can register a receiver for this implicit broadcast. Because of the FLAG_GRANT_READ_URI_PERMISSION included with the intent, the malicious receiver code can read the user's data:

    public class CallReceiver extends BroadcastReceiver {
        @Override
        public void onReceive(Context context, Intent intent) {
            Uri userData = intent.getData();
            stealUserData(userData);
        }
    }

The privilege (read access to the URI) is assigned to whichever application happens to receive the broadcast. To assign it only to the intended backup component, the sender should make the intent explicit (setPackage or setComponent) or require a permission from receivers (sendBroadcast(intent, receiverPermission)).
Related Weaknesses
This table shows the weaknesses and high-level categories related to this weakness. These relationships give an overview of similar items that may exist at higher and lower levels of abstraction.
CWE-9: J2EE Misconfiguration: Weak Access Permissions for EJB Methods
CWE-269: Improper Privilege Management
CWE-286: Incorrect User Management
CWE-520: .NET Misconfiguration: Use of Impersonation
CWE-556: ASP.NET Misconfiguration: Use of Identity Impersonation
CWE-1022: Use of Web Link to Untrusted Target with window.opener Access
Visit http://cwe.mitre.org/ for more details.