CWE-901: SFP Primary Cluster: Privilege
ID
CWE-901
Status
Incomplete
This category identifies Software Fault Patterns (SFPs) within the Privilege cluster (SFP36).
Relationships
| View | Weakness | ||||||
|---|---|---|---|---|---|---|---|
| # ID | Name | # ID | Name | Abstraction | Structure | Status | |
| CWE-888 | Software Fault Pattern (SFP) Clusters | CWE-250 | Execution with Unnecessary Privileges | Base | Simple | Draft | |
| CWE-888 | Software Fault Pattern (SFP) Clusters | CWE-266 | Incorrect Privilege Assignment | Base | Simple | Draft | |
| CWE-888 | Software Fault Pattern (SFP) Clusters | CWE-267 | Privilege Defined With Unsafe Actions | Base | Simple | Incomplete | |
| CWE-888 | Software Fault Pattern (SFP) Clusters | CWE-268 | Privilege Chaining | Base | Simple | Draft | |
| CWE-888 | Software Fault Pattern (SFP) Clusters | CWE-269 | Improper Privilege Management | Class | Simple | Draft | |
| CWE-888 | Software Fault Pattern (SFP) Clusters | CWE-270 | Privilege Context Switching Error | Base | Simple | Draft | |
| CWE-888 | Software Fault Pattern (SFP) Clusters | CWE-271 | Privilege Dropping / Lowering Errors | Class | Simple | Incomplete | |
| CWE-888 | Software Fault Pattern (SFP) Clusters | CWE-272 | Least Privilege Violation | Base | Simple | Incomplete | |
| CWE-888 | Software Fault Pattern (SFP) Clusters | CWE-274 | Improper Handling of Insufficient Privileges | Base | Simple | Draft | |
| CWE-888 | Software Fault Pattern (SFP) Clusters | CWE-520 | .NET Misconfiguration: Use of Impersonation | Variant | Simple | Incomplete | |
| CWE-888 | Software Fault Pattern (SFP) Clusters | CWE-653 | Improper Isolation or Compartmentalization | Class | Simple | Draft | |
| CWE-888 | Software Fault Pattern (SFP) Clusters | CWE-9 | J2EE Misconfiguration: Weak Access Permissions for EJB Methods | Variant | Simple | Draft | |
Loading...