Placement of User into Incorrect Group
The product or the administrator places a user into an incorrect group.
If the incorrect group has more access or privileges than the intended group, the user might be able to bypass intended security policy to access unexpected resources or perform unexpected actions. The access-control system might not be able to detect malicious usage of this group membership.
Weaknesses in this category are related to access control.
Weaknesses in this category are related to authorization components of a system. Frequently these deal with the ability to enforce that agents have the required permis...
This view (slice) covers all the elements in CWE.
This view (slice) lists weaknesses that can be introduced during implementation.
This view (slice) displays only weakness base elements.