CWE-275

Name

Permission Issues

Status

Draft

Published

2006-07-19 +00:00

Last Modified

2023-06-29 +00:00

Official links

CWE Mitre.org

Alerte pour un CWE

Stay informed of any changes for a specific CWE.

Alert management

List of Alerts

Alerte pour un CWE

Stay informed of any changes for a specific CWE.

Parameters

You can specify a title that will be retrieved in the alerts that will be sent out.

Specify the CWE ID you wish to monitor.

Planning

Month

Next run calculation

Day

Weekday

Hour

Minute

Creation date

Last execution

Next execution

Functionality requiring a connection

This feature, which allows you to receive alerts, is only active when you are logged into your account.

Permission Issues

Weaknesses in this category are related to improper assignment or handling of permissions.

Members

CWE-276: Incorrect Default Permissions Base

CWE-277: Insecure Inherited Permissions Base

CWE-278: Insecure Preserved Inherited Permissions Base

CWE-279: Incorrect Execution-Assigned Permissions Base

CWE-280: Improper Handling of Insufficient Permissions or Privileges Base

CWE-281: Improper Preservation of Permissions Base

CWE-618: Exposed Unsafe ActiveX Method Base

CWE-766: Critical Data Element Declared Public Base

CWE-767: Access to Critical Private Variable via Public Method Base

Informations

Vulnerability Mapping Notes

Rationale : This entry is a Category. Using categories for mapping has been discouraged since 2019. Categories are informal organizational groupings of weaknesses that can help CWE users with data aggregation, navigation, and browsing. However, they are not weaknesses in themselves.
Comments : Consider mapping to weaknesses that are members of this Category.

Submission

Name	Organization	Date	Date Release	Version
PLOVER		2006-07-19 +00:00	2006-07-19 +00:00	Draft 3

Modifications

Name	Organization	Date	Comment
CWE Content Team	MITRE	2008-09-08 +00:00	updated Relationships, Taxonomy_Mappings
CWE Content Team	MITRE	2009-01-12 +00:00	updated Relationships
CWE Content Team	MITRE	2012-05-11 +00:00	updated References
CWE Content Team	MITRE	2014-07-30 +00:00	updated Detection_Factors
CWE Content Team	MITRE	2017-11-08 +00:00	updated Affected_Resources, Detection_Factors, Functional_Areas, Related_Attack_Patterns, Relationships
CWE Content Team	MITRE	2018-03-27 +00:00	updated Relationships
CWE Content Team	MITRE	2020-02-24 +00:00	updated Relationships, Terminology_Notes
CWE Content Team	MITRE	2021-10-28 +00:00	updated Relationships
CWE Content Team	MITRE	2023-01-31 +00:00	updated Terminology_Notes
CWE Content Team	MITRE	2023-06-29 +00:00	updated Mapping_Notes

References

REF-44

24 Deadly Sins of Software Security
Michael Howard, David LeBlanc, John Viega.

Lists Vulnerabilities

Sorted by Year

CVE Statistics

Specific Views

Vendors List

Products List

Lists CWE

Specific Views

Lasts 7 CWE

Lists CAPEC

Specifics Views

7 Lasts CAPEC

CWE-275

Alerte pour un CWE

Functionality requiring a connection

Permission Issues

Members

CWE-276: Incorrect Default Permissions Base

CWE-277: Insecure Inherited Permissions Base

CWE-278: Insecure Preserved Inherited Permissions Base

CWE-279: Incorrect Execution-Assigned Permissions Base

CWE-280: Improper Handling of Insufficient Permissions or Privileges Base

CWE-281: Improper Preservation of Permissions Base

CWE-618: Exposed Unsafe ActiveX Method Base

CWE-766: Critical Data Element Declared Public Base

CWE-767: Access to Critical Private Variable via Public Method Base

Informations

Vulnerability Mapping Notes

Submission

Modifications

References

REF-44

Lists Vulnerabilities

Sorted by Year

CVE Statistics

Specific Views

CVE

OWASP

CISA KEV

Vendors List

Products List

Lists CWE

Specific Views

Lasts 7 CWE

Lists CAPEC

Specifics Views

7 Lasts CAPEC

No result found

Alert System

CWE-275 Categorie Detail

CWE-275

Alerte pour un CWE

Permission Issues

Members

CWE-276: Incorrect Default Permissions Base

CWE-277: Insecure Inherited Permissions Base

CWE-278: Insecure Preserved Inherited Permissions Base

CWE-279: Incorrect Execution-Assigned Permissions Base

CWE-280: Improper Handling of Insufficient Permissions or Privileges Base

CWE-281: Improper Preservation of Permissions Base

CWE-618: Exposed Unsafe ActiveX Method Base

CWE-766: Critical Data Element Declared Public Base

CWE-767: Access to Critical Private Variable via Public Method Base

Informations

Vulnerability Mapping Notes

Submission

Modifications

References

REF-44