CWE-386: Symbolic Name not Mapping to Correct Object
A constant symbolic reference to an object is used, even though the reference can resolve to a different object over time.
Last updated
Overview
CWE-386 (Symbolic Name not Mapping to Correct Object) is a base-level software weakness catalogued by MITRE in the Common Weakness Enumeration (CWE). It describes a recurring type of mistake that can lead to exploitable security vulnerabilities.
Real-world CVEs
1 recorded CVEs are caused by CWE-386 (Symbolic Name not Mapping to Correct Object). The highest-severity and most recent are shown first.
Common consequences
What can happen when CWE-386 is exploited.
Gain Privileges or Assume Identity
Affects: Access Control
The attacker can gain access to otherwise unauthorized resources.
Modify Application Data, Modify Files or Directories, Read Application Data, Read Files or Directories, Other
Affects: Integrity, Confidentiality, Other
Race conditions such as this kind may be employed to gain read or write access to resources not normally readable or writable by the user in question.
Modify Application Data, Other
Affects: Integrity, Other
The resource in question, or other resources (through the corrupted one) may be changed in undesirable ways by a malicious user.