CWE-269: Improper Privilege Management

CWE-269: Improper Privilege Management | RadicalNotion.AI

Code examples

Illustrative examples from MITRE showing how the weakness appears in code.

This code temporarily raises the program's privileges to allow creation of a new user folder.

Vulnerable example

python

def makeNewUserDir(username):

While the program only raises its privilege level to create the folder and immediately lowers it again, if the call to os.mkdir() throws an exception, the call to lowerPrivileges() will not occur. As a result, the program is indefinitely operating in a raised privilege state, possibly allowing further exploitation to occur.

The following example demonstrates the weakness.

Vulnerable example

/* do some stuff */
seteuid(0);

The following example demonstrates the weakness.

Vulnerable example

java

AccessController.doPrivileged(new PrivilegedAction() {

This code intends to allow only Administrators to print debug information about a system.

Vulnerable example

java

public enum Roles {

While the intention was to only allow Administrators to print the debug information, the code as written only excludes those with the role of "GUEST". Someone with the role of "ADMIN" or "USER" will be allowed access, which goes against the original intent. An attacker may be able to use this debug information to craft an attack on the system.

This code allows someone with the role of "ADMIN" or "OPERATOR" to reset a user's password. The role of "OPERATOR" is intended to have less privileges than an "ADMIN", but still be able to help users with small issues such as forgotten passwords.

Vulnerable example

java

public enum Roles {

This code does not check the role of the user whose password is being reset. It is possible for an Operator to gain Admin privileges by resetting the password of an Admin account and taking control of that account.

CWE-269: Improper Privilege Management

Overview

Real-world CVEs

Common consequences

How it happens

When it is introduced

How to prevent it

How to detect it

Automated Static Analysis

Code examples

Illustrative examples

Terminology & mappings

Mapped taxonomies

Attack patterns

Frequently asked questions

What is CWE-269?

What CVEs are caused by CWE-269?

How do you prevent CWE-269?

How is CWE-269 detected?

What are the consequences of CWE-269?

Is CWE-269 actively exploited?

References

Stay ahead of CWE-269

Overview

Real-world CVEs

Common consequences

How it happens

When it is introduced

How to prevent it

How to detect it

Automated Static Analysis

Code examples

Illustrative examples

Related weaknesses

Parent

Child

Terminology & mappings

Mapped taxonomies

Attack patterns

Frequently asked questions

What is CWE-269?

What CVEs are caused by CWE-269?

How do you prevent CWE-269?

How is CWE-269 detected?

What are the consequences of CWE-269?

Is CWE-269 actively exploited?

References

Stay ahead of CWE-269