Permission Issues |
Category ID: 275 (Category) | Status: Draft |
Description Summary
Weaknesses in this category are related to improper assignment or handling of permissions.
Nature | Type | ID | Name | View(s) this relationship pertains to |
---|---|---|---|---|
ChildOf | Category | 264 | Permissions, Privileges, and Access Controls | Development Concepts (primary)699 |
ChildOf | Category | 632 | Weaknesses that Affect Files or Directories | Resource-specific Weaknesses (primary)631 |
ChildOf | Category | 723 | OWASP Top Ten 2004 Category A2 - Broken Access Control | Weaknesses in OWASP Top Ten (2004) (primary)711 |
ChildOf | Category | 731 | OWASP Top Ten 2004 Category A10 - Insecure Configuration Management | Weaknesses in OWASP Top Ten (2004)711 |
RequiredBy | Compound Element: Composite | 61 | UNIX Symbolic Link (Symlink) Following | Research Concepts1000 |
RequiredBy | Compound Element: Composite | 426 | Untrusted Search Path | Research Concepts1000 |
ParentOf | Weakness Variant | 276 | Incorrect Default Permissions | Development Concepts (primary)699 |
ParentOf | Weakness Variant | 277 | Insecure Inherited Permissions | Development Concepts (primary)699 |
ParentOf | Weakness Variant | 278 | Insecure Preserved Inherited Permissions | Development Concepts (primary)699 |
ParentOf | Weakness Variant | 279 | Incorrect Execution-Assigned Permissions | Development Concepts (primary)699 |
ParentOf | Weakness Base | 280 | Improper Handling of Insufficient Permissions or Privileges | Development Concepts (primary)699 |
ParentOf | Weakness Base | 281 | Improper Preservation of Permissions | Development Concepts (primary)699 |
ParentOf | Weakness Base | 618 | Exposed Unsafe ActiveX Method | Development Concepts (primary)699 |
ParentOf | Compound Element: Composite | 689 | Permission Race Condition During Resource Copy | Development Concepts (primary)699 |
ParentOf | Weakness Class | 732 | Incorrect Permission Assignment for Critical Resource | Development Concepts (primary)699 |
Mapped Taxonomy Name | Node ID | Fit | Mapped Node Name |
---|---|---|---|
PLOVER | Permission errors | ||
OWASP Top Ten 2004 | A2 | CWE More Specific | Broken Access Control |
OWASP Top Ten 2004 | A10 | CWE More Specific | Insecure Configuration Management |