CWE-274: Improper Handling of Insufficient Privileges
ID
CWE-274
Abstraction
Base
Structure
Simple
Status
Draft
Number of CVEs
29
The product does not handle or incorrectly handles when it has insufficient privileges to perform an operation, leading to resultant weaknesses.
Modes of Introduction
| Phase | Note |
|---|---|
| Implementation | REALIZATION: This weakness is caused during implementation of an architectural security tactic. |
| Operation |
Applicable Platforms
| Type | Class | Name | Prevalence |
|---|---|---|---|
| Language | Not Language-Specific |
Relationships
| View | Weakness | |||||||
|---|---|---|---|---|---|---|---|---|
| # ID | View | Status | # ID | Name | Abstraction | Structure | Status | |
| CWE-1000 | Research Concepts | Draft | CWE-755 | Improper Handling of Exceptional Conditions | Class | Simple | Incomplete | |
| CWE-1000 | Research Concepts | Draft | CWE-269 | Improper Privilege Management | Class | Simple | Draft | |
| CWE-1000 | Research Concepts | Draft | CWE-271 | Privilege Dropping / Lowering Errors | Class | Simple | Incomplete | |
| CWE-1000 | Research Concepts | Draft | CWE-280 | Improper Handling of Insufficient Permissions or Privileges | Base | Simple | Draft | |
CVEs Published
CVSS Severity
CVSS Severity - By Year
CVSS Base Score
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |
Loading...