
CWE-267 (Privilege Defines Unsafe Actions) — Vulnerability Class 42

42 vulnerabilities classified as CWE-267 (Privilege Defines Unsafe Actions). AI-generated Chinese analysis included.

CWE-267 represents a design flaw where a defined privilege, role, or capability inherently permits unsafe actions that were not originally intended by the system architects. This weakness arises when the scope of a permission is overly broad or poorly defined, allowing authorized entities to execute operations that compromise security or integrity. Attackers typically exploit this by leveraging legitimate credentials to perform unauthorized activities, such as accessing sensitive data or modifying system configurations, because the privilege itself grants excessive capabilities. Developers can mitigate this risk by adhering to the principle of least privilege, ensuring that each role is granted only the minimum permissions necessary for its specific function. Rigorous threat modeling and regular code reviews help identify and restrict unintended action paths within privilege definitions, thereby preventing abuse even when assigned to correct entities.

MITRE CWE Description
A particular privilege, role, capability, or right can be used to perform unsafe actions that were not intended, even when it is assigned to the correct entity.
Common Consequences (1)
Access Control: Gain Privileges or Assume Identity
A user can access restricted functionality and/or sensitive information that may include administrative functionality and user accounts.
Mitigations (2)
Architecture and Design, Operation: Very carefully manage the setting, management, and handling of privileges. Explicitly manage trust zones in the software.
Architecture and Design, Operation: Run your code using the lowest privileges that are required to accomplish the necessary tasks [REF-76]. If possible, create isolated accounts with limited privileges that are only used for a single task. That way, a successful attack will not immediately give the attacker access to the rest of the software or its environment. For example, database applications rarely need to run as the database ad…
Examples (1)
This code intends to allow only Administrators to print debug information about a system.
```java
public enum Roles { ADMIN, USER, GUEST }

public void printDebugInfo(User requestingUser) {
    if (isAuthenticated(requestingUser)) {
        switch (requestingUser.role) {
            case GUEST:
                System.out.println("You are not authorized to perform this command");
                break;
            default:
                // Flaw: only GUEST is denied; USER (and any role added later)
                // falls into the default branch and receives the debug output.
                System.out.println(currentDebugState());
                break;
        }
    } else {
        System.out.println("You must be logged in to perform this command");
    }
}
```
Bad · Java
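The following is an added example, not code from the CWE entry or from MITRE. It places the deny-list logic shown above (only GUEST is refused) next to an allow-list version that names ADMIN explicitly and refuses every other role by default, and runs both against the same set of users so the difference is visible. The `User` class, `isAuthenticated`, and `currentDebugState` are minimal stand-ins assumed for the example.

```java
// Added example: deny-list (as on the page) versus allow-list (hardened)
// versions of the debug-info check. All supporting types are assumed stand-ins.
public class DebugInfoAccess {
    public enum Roles { ADMIN, USER, GUEST }

    // Minimal User stand-in assumed for the example.
    public static final class User {
        final String name;
        final Roles role;
        final boolean loggedIn;
        User(String name, Roles role, boolean loggedIn) {
            this.name = name;
            this.role = role;
            this.loggedIn = loggedIn;
        }
    }

    static boolean isAuthenticated(User u) {
        return u != null && u.loggedIn;
    }

    // Constructed debug state; a real system would report internal details here.
    static String currentDebugState() {
        return "debug: heap=128MB threads=12 config=/etc/app.conf";
    }

    // Page's version, returning the message instead of printing it:
    // only GUEST is excluded, so USER reaches the default branch.
    public static String denyListVersion(User requestingUser) {
        if (!isAuthenticated(requestingUser)) {
            return "You must be logged in to perform this command";
        }
        switch (requestingUser.role) {
            case GUEST:
                return "You are not authorized to perform this command";
            default:
                return currentDebugState();
        }
    }

    // Hardened version: ADMIN is the only role allowed; every other role,
    // including any added to the enum later, falls into the deny branch.
    public static String allowListVersion(User requestingUser) {
        if (!isAuthenticated(requestingUser)) {
            return "You must be logged in to perform this command";
        }
        switch (requestingUser.role) {
            case ADMIN:
                return currentDebugState();
            default:
                return "You are not authorized to perform this command";
        }
    }

    public static void main(String[] args) {
        User admin = new User("alice", Roles.ADMIN, true);
        User user  = new User("bob",   Roles.USER,  true);
        User guest = new User("carol", Roles.GUEST, true);
        User anon  = new User("dave",  Roles.USER,  false);

        for (User u : new User[] { admin, user, guest, anon }) {
            System.out.printf("%-6s %-5s deny-list : %s%n", u.name, u.role, denyListVersion(u));
            System.out.printf("%-6s %-5s allow-list: %s%n", u.name, u.role, allowListVersion(u));
        }

        // USER obtains the debug state through the deny-list default branch,
        // but is refused by the allow-list check.
        if (!denyListVersion(user).startsWith("debug:")) {
            throw new AssertionError("deny-list version should leak to USER");
        }
        if (allowListVersion(user).startsWith("debug:")) {
            throw new AssertionError("allow-list version must refuse USER");
        }
        if (!allowListVersion(admin).startsWith("debug:")) {
            throw new AssertionError("allow-list version must permit ADMIN");
        }
    }
}
```

The review check this illustrates is simple: whenever a `switch` or `if` chain on a role decides access, look at what the `default` (or final `else`) branch grants. If it grants the sensitive action, the privilege is defined by exclusion and every role not explicitly listed inherits it.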

Vulnerabilities classified as CWE-267 (Privilege Defines Unsafe Actions) represent 42 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.