CWE-268: Privilege Chaining

Description

Two distinct privileges, roles, capabilities, or rights can be combined in a way that allows an entity to perform unsafe actions that would not be allowed without that combination.

Submission Date :

July 19, 2006, midnight

Modification Date :

2023-06-29 00:00:00+00:00

Organization :

MITRE
Example Vulnerable Codes

Example - 1

This code allows someone with the role of "ADMIN" or "OPERATOR" to reset a user's password. The role of "OPERATOR" is intended to have less privileges than an "ADMIN", but still be able to help users with small issues such as forgotten passwords.

ADMIN,OPERATOR,USER,GUEST

System.out.println("You are not authorized to perform this command");break;

System.out.println("You are not authorized to perform this command");break;

setPassword(user,password);break;case GUEST:case USER:default:}switch(requestingUser.role){}
System.out.println("You must be logged in to perform this command");if(isAuthenticated(requestingUser)){else{}public enum Roles {}public void resetPassword(User requestingUser, User user, String password ){}

This code does not check the role of the user whose password is being reset. It is possible for an Operator to gain Admin privileges by resetting the password of an Admin account and taking control of that account.

Related Weaknesses

This table shows the weaknesses and high level categories that are related to this weakness. These relationships are defined to give an overview of the different insight to similar items that may exist at higher and lower levels of abstraction.

Visit http://cwe.mitre.org/ for more details.

© cvefeed.io
Latest DB Update: Nov. 15, 2024 2:04