CWE-654: Reliance on a Single Factor in a Security Decision

Also known as: Separation of Privilege

A protection mechanism relies exclusively, or to a large extent, on the evaluation of a single condition or the integrity of a single object or entity in order to make a decision about granting access to restricted resources or functionality.

Recorded CVEs

With this primary weakness

KEVs

In the CISA KEV catalog

Not rated

Likelihood of exploit

Per MITRE

Base

Abstraction

MITRE classification

Overview

CWE-654 (Reliance on a Single Factor in a Security Decision) is a base-level software weakness catalogued by MITRE in the Common Weakness Enumeration (CWE). It describes a recurring type of mistake that can lead to exploitable security vulnerabilities.

CWE-654: Reliance on a Single Factor in a Security Decision

Overview

Common consequences

How it happens

When it is introduced

How to prevent it

Code examples

Illustrative examples

Terminology & mappings

Alternate terms

Mapped taxonomies

Attack patterns

Frequently asked questions

What is CWE-654?

How do you prevent CWE-654?

What are the consequences of CWE-654?

References

Stay ahead of CWE-654

Overview

Common consequences

How it happens

When it is introduced

How to prevent it

Code examples

Illustrative examples

Related weaknesses

Parent

Child

Peer

Terminology & mappings

Alternate terms

Mapped taxonomies

Attack patterns

Frequently asked questions

What is CWE-654?

How do you prevent CWE-654?

What are the consequences of CWE-654?

References

Stay ahead of CWE-654