1. Home
  2. Weaknesses
  3. CWE-277

CWE-277: Insecure Inherited Permissions

ID CWE-277
Abstraction Variant
Structure Simple
Status Draft
Number of CVEs 40
Detail Dashboard Vulnerabilities Web & Social
A product defines a set of insecure permissions that are inherited by objects that are created by the program.

Modes of Introduction

Phase Note
Architecture and Design
Implementation REALIZATION: This weakness is caused during implementation of an architectural security tactic.
Operation

Applicable Platforms

Type Class Name Prevalence
Language Not Language-Specific

Relationships

View Weakness
# ID View Status # ID Name Abstraction Structure Status
CWE-1000 Research Concepts Draft CWE-732 Incorrect Permission Assignment for Critical Resource Class Simple Draft

CVEs Published

Based on CVE published date

CVSS Severity

CVSS Severity - By Year

CVSS Base Score

# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date