CWE-266
AllowedIncorrect Privilege Assignment
Abstraction: Base · Status: Draft
A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.
1913 vulnerabilities reference this CWE, most recent first.
GHSA-G8QW-MGJX-RWJR
Vulnerability from github – Published: 2025-06-16 16:01 – Updated: 2025-06-17 19:26Impact
When an authd user logs in via SSH for the first time (meaning they do not yet exist in the authd user database) and successfully authenticates via the configured broker, the user is considered a member of the root group in the context of that SSH session. This situation may allow the user to read and write files that are accessible by the root group, to which they should not have access. The user does not get root privileges or any capabilities beyond the access granted to the root group.
Preconditions under which this vulnerability affects a system
* authd was installed via the PPA.
* An OAuth 2.0 application was registered in Microsoft Entra ID or Google IAM, and the respective authd broker was installed (authd-msentraid or authd-google) and configured.
* sshd was configured to enable SSH access with authd, i.e.:
UsePAM yes
KbdInteractiveAuthentication yes
* The username is allowed by the ssh_allowed_suffixes option in the broker configuriation.
* The user is allowed by the allowed_users option in the broker configuration.
* The user successfully authenticates via the authd broker (Entra ID or Google IAM).
* The user did not log in locally before.
Patches
Fixed by https://github.com/ubuntu/authd/commit/619ce8e55953b970f1765ddaad565081538151ab
Workarounds
Configure the SSH server to not allow authenticating via authd, for example by setting UsePAM no or KbdInteractiveAuthentication no in the sshd_config (see https://documentation.ubuntu.com/authd/stable/howto/login-ssh/#ssh-configuration).
{
"affected": [
{
"package": {
"ecosystem": "Go",
"name": "github.com/ubuntu/authd"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.5.4"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2025-5689"
],
"database_specific": {
"cwe_ids": [
"CWE-266",
"CWE-269"
],
"github_reviewed": true,
"github_reviewed_at": "2025-06-16T16:01:10Z",
"nvd_published_at": "2025-06-16T12:15:19Z",
"severity": "MODERATE"
},
"details": "### Impact\nWhen an authd user logs in via SSH for the first time (meaning they do not yet exist in the authd user database) and successfully authenticates via the configured broker, the user is considered a member of the root group in the context of that SSH session. This situation may allow the user to read and write files that are accessible by the root group, to which they should not have access. The user does not get root privileges or any capabilities beyond the access granted to the root group.\n\n**Preconditions under which this vulnerability affects a system**\n* authd was [installed via the PPA](https://documentation.ubuntu.com/authd/latest/howto/install-authd/#install-authd).\n* An OAuth 2.0 application was registered in Microsoft Entra ID or Google IAM, and the respective authd broker was installed ([authd-msentraid](https://snapcraft.io/authd-msentraid) or [authd-google](https://snapcraft.io/authd-google)) and [configured](https://documentation.ubuntu.com/authd/latest/howto/configure-authd/#broker-configuration).\n* sshd was [configured to enable SSH](https://documentation.ubuntu.com/authd/latest/howto/login-ssh/) access with authd, i.e.:\n ```\n UsePAM yes\n KbdInteractiveAuthentication yes\n ```\n* The username is allowed by the `ssh_allowed_suffixes` option in the [broker configuriation](https://documentation.ubuntu.com/authd/latest/howto/login-ssh/#broker-configuration).\n* The user is allowed by the [`allowed_users` option in the broker configuration](https://documentation.ubuntu.com/authd/latest/howto/configure-authd/#configure-allowed-users).\n* The user successfully authenticates via the authd broker (Entra ID or Google IAM).\n* The user did not log in locally before.\n\n### Patches\nFixed by https://github.com/ubuntu/authd/commit/619ce8e55953b970f1765ddaad565081538151ab\n\n### Workarounds\nConfigure the SSH server to not allow authenticating via authd, for example by setting `UsePAM no` or `KbdInteractiveAuthentication no` in the `sshd_config` (see https://documentation.ubuntu.com/authd/stable/howto/login-ssh/#ssh-configuration).",
"id": "GHSA-g8qw-mgjx-rwjr",
"modified": "2025-06-17T19:26:35Z",
"published": "2025-06-16T16:01:10Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/ubuntu/authd/security/advisories/GHSA-g8qw-mgjx-rwjr"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-5689"
},
{
"type": "WEB",
"url": "https://github.com/ubuntu/authd/commit/619ce8e55953b970f1765ddaad565081538151ab"
},
{
"type": "PACKAGE",
"url": "https://github.com/ubuntu/authd"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"type": "CVSS_V3"
}
],
"summary": "New authd users logging in via SSH are members of the root group"
}
GHSA-G989-9GJV-RRFG
Vulnerability from github – Published: 2025-02-12 12:30 – Updated: 2025-02-12 12:30The WP Job Board Pro plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.2.76. This is due to the plugin allowing a user to supply the 'role' field when registering. This makes it possible for unauthenticated attackers to register as an administrator on vulnerable sites.
{
"affected": [],
"aliases": [
"CVE-2024-12213"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-02-12T10:15:08Z",
"severity": "CRITICAL"
},
"details": "The WP Job Board Pro plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.2.76. This is due to the plugin allowing a user to supply the \u0027role\u0027 field when registering. This makes it possible for unauthenticated attackers to register as an administrator on vulnerable sites.",
"id": "GHSA-g989-9gjv-rrfg",
"modified": "2025-02-12T12:30:46Z",
"published": "2025-02-12T12:30:46Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-12213"
},
{
"type": "WEB",
"url": "https://themeforest.net/item/superio-job-board-wordpress-theme/32180231"
},
{
"type": "WEB",
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7cdfce88-b6c2-4820-9d6f-446f61b9b596?source=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-G9J8-FR6X-695W
Vulnerability from github – Published: 2026-05-17 12:30 – Updated: 2026-05-17 12:30A weakness has been identified in Z-BlogPHP 1.7.4.3430. This affects the function CheckComment of the file zb_system/function/c_system_event.php of the component Commend Approval Handler. This manipulation causes improper authorization. The attack may be initiated remotely. The exploit has been made available to the public and could be used for attacks.
{
"affected": [],
"aliases": [
"CVE-2026-8747"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-05-17T11:16:35Z",
"severity": "LOW"
},
"details": "A weakness has been identified in Z-BlogPHP 1.7.4.3430. This affects the function CheckComment of the file zb_system/function/c_system_event.php of the component Commend Approval Handler. This manipulation causes improper authorization. The attack may be initiated remotely. The exploit has been made available to the public and could be used for attacks.",
"id": "GHSA-g9j8-fr6x-695w",
"modified": "2026-05-17T12:30:25Z",
"published": "2026-05-17T12:30:25Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-8747"
},
{
"type": "WEB",
"url": "https://vuldb.com/submit/810027"
},
{
"type": "WEB",
"url": "https://vuldb.com/vuln/364334"
},
{
"type": "WEB",
"url": "https://vuldb.com/vuln/364334/cti"
},
{
"type": "WEB",
"url": "https://vulnplus-note.wetolink.com/share/31wtzNoJbxKQ"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-G9JP-P8W6-7F2Q
Vulnerability from github – Published: 2023-06-07 18:30 – Updated: 2024-04-04 04:39An issue has been discovered in GitLab CE/EE affecting all versions starting from 14.1 before 15.10.8, all versions starting from 15.11 before 15.11.7, all versions starting from 16.0 before 16.0.2. A malicious maintainer in a project can escalate other users to Owners in that project if they import members from another project that those other users are Owners of.
{
"affected": [],
"aliases": [
"CVE-2023-2485"
],
"database_specific": {
"cwe_ids": [
"CWE-266",
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-06-07T17:15:10Z",
"severity": "MODERATE"
},
"details": "An issue has been discovered in GitLab CE/EE affecting all versions starting from 14.1 before 15.10.8, all versions starting from 15.11 before 15.11.7, all versions starting from 16.0 before 16.0.2. A malicious maintainer in a project can escalate other users to Owners in that project if they import members from another project that those other users are Owners of.",
"id": "GHSA-g9jp-p8w6-7f2q",
"modified": "2024-04-04T04:39:41Z",
"published": "2023-06-07T18:30:18Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-2485"
},
{
"type": "WEB",
"url": "https://hackerone.com/reports/1934811"
},
{
"type": "WEB",
"url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-2485.json"
},
{
"type": "WEB",
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/407830"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-GC9M-CQR9-5R48
Vulnerability from github – Published: 2025-11-13 15:30 – Updated: 2025-11-15 09:30A weakness has been identified in macrozheng mall-swarm up to 1.0.3. Affected is the function cancelUserOrder of the file /order/cancelUserOrder. Executing manipulation of the argument orderId can lead to improper authorization. It is possible to launch the attack remotely. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure but did not respond in any way.
{
"affected": [],
"aliases": [
"CVE-2025-13116"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-11-13T14:15:48Z",
"severity": "MODERATE"
},
"details": "A weakness has been identified in macrozheng mall-swarm up to 1.0.3. Affected is the function cancelUserOrder of the file /order/cancelUserOrder. Executing manipulation of the argument orderId can lead to improper authorization. It is possible to launch the attack remotely. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure but did not respond in any way.",
"id": "GHSA-gc9m-cqr9-5r48",
"modified": "2025-11-15T09:30:25Z",
"published": "2025-11-13T15:30:30Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-13116"
},
{
"type": "WEB",
"url": "https://github.com/Hwwg/cve/issues/13"
},
{
"type": "WEB",
"url": "https://github.com/Hwwg/cve/issues/8"
},
{
"type": "WEB",
"url": "https://vuldb.com/?ctiid.332321"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.332321"
},
{
"type": "WEB",
"url": "https://vuldb.com/?submit.683339"
},
{
"type": "WEB",
"url": "https://vuldb.com/?submit.686530"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-GCFQ-P9H5-PJMX
Vulnerability from github – Published: 2026-03-25 18:31 – Updated: 2026-03-27 15:30Incorrect Privilege Assignment vulnerability in uxper Golo golo allows Privilege Escalation.This issue affects Golo: from n/a through <= 1.7.0.
{
"affected": [],
"aliases": [
"CVE-2026-27051"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-03-25T17:16:54Z",
"severity": "CRITICAL"
},
"details": "Incorrect Privilege Assignment vulnerability in uxper Golo golo allows Privilege Escalation.This issue affects Golo: from n/a through \u003c= 1.7.0.",
"id": "GHSA-gcfq-p9h5-pjmx",
"modified": "2026-03-27T15:30:25Z",
"published": "2026-03-25T18:31:52Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27051"
},
{
"type": "WEB",
"url": "https://patchstack.com/database/Wordpress/Theme/golo/vulnerability/wordpress-golo-theme-1-7-0-privilege-escalation-vulnerability?_s_id=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-GFFR-G4H9-F8X5
Vulnerability from github – Published: 2025-05-28 15:34 – Updated: 2025-05-28 15:34Improper privilege assignment in PAM JIT privilege sets in Devolutions Server allows a PAM user to perform PAM JIT requests on unauthorized groups by exploiting a user interface issue.
This issue affects the following versions :
- Devolutions Server 2025.1.3.0 through 2025.1.7.0
- Devolutions Server 2024.3.15.0 and earlier
{
"affected": [],
"aliases": [
"CVE-2025-4493"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-05-28T13:15:19Z",
"severity": "MODERATE"
},
"details": "Improper privilege assignment in PAM JIT privilege sets in Devolutions \nServer allows a PAM user to perform PAM JIT \nrequests on unauthorized groups by exploiting a user interface issue.\n\n\nThis issue affects the following versions :\u00a0\n\n * Devolutions Server 2025.1.3.0 through 2025.1.7.0\n * Devolutions Server 2024.3.15.0 and earlier",
"id": "GHSA-gffr-g4h9-f8x5",
"modified": "2025-05-28T15:34:33Z",
"published": "2025-05-28T15:34:33Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4493"
},
{
"type": "WEB",
"url": "https://devolutions.net/security/advisories/DEVO-2025-0008"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-GFMP-FJX4-3GRR
Vulnerability from github – Published: 2024-11-20 18:32 – Updated: 2024-11-20 18:32A vulnerability, which was classified as problematic, was found in Code4Berry Decoration Management System 1.0. This affects an unknown part of the file /decoration/admin/user_permission.php of the component User Permission Handler. The manipulation leads to permission issues. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
{
"affected": [],
"aliases": [
"CVE-2024-11486"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-11-20T16:15:20Z",
"severity": "MODERATE"
},
"details": "A vulnerability, which was classified as problematic, was found in Code4Berry Decoration Management System 1.0. This affects an unknown part of the file /decoration/admin/user_permission.php of the component User Permission Handler. The manipulation leads to permission issues. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.",
"id": "GHSA-gfmp-fjx4-3grr",
"modified": "2024-11-20T18:32:17Z",
"published": "2024-11-20T18:32:17Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-11486"
},
{
"type": "WEB",
"url": "https://vuldb.com/?ctiid.285501"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.285501"
},
{
"type": "WEB",
"url": "https://vuldb.com/?submit.441916"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-GFV5-GRX2-9JW2
Vulnerability from github – Published: 2022-05-24 17:13 – Updated: 2022-06-23 18:02Elasticsearch versions from 6.7.0 to 6.8.7 and 7.0.0 to 7.6.1 contain a privilege escalation flaw if an attacker is able to create API keys. An attacker who is able to generate an API key can perform a series of steps that result in an API key being generated with elevated privileges.
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 6.8.7"
},
"package": {
"ecosystem": "Maven",
"name": "org.elasticsearch:elasticsearch"
},
"ranges": [
{
"events": [
{
"introduced": "6.7.0"
},
{
"fixed": "6.8.8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 7.6.1"
},
"package": {
"ecosystem": "Maven",
"name": "org.elasticsearch:elasticsearch"
},
"ranges": [
{
"events": [
{
"introduced": "7.0.0"
},
{
"fixed": "7.6.2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2020-7009"
],
"database_specific": {
"cwe_ids": [
"CWE-266",
"CWE-269"
],
"github_reviewed": true,
"github_reviewed_at": "2022-06-23T18:02:18Z",
"nvd_published_at": "2020-03-31T19:15:00Z",
"severity": "HIGH"
},
"details": "Elasticsearch versions from 6.7.0 to 6.8.7 and 7.0.0 to 7.6.1 contain a privilege escalation flaw if an attacker is able to create API keys. An attacker who is able to generate an API key can perform a series of steps that result in an API key being generated with elevated privileges.",
"id": "GHSA-gfv5-grx2-9jw2",
"modified": "2022-06-23T18:02:18Z",
"published": "2022-05-24T17:13:01Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7009"
},
{
"type": "WEB",
"url": "https://discuss.elastic.co/t/elastic-stack-6-8-8-and-7-6-2-security-update/225920"
},
{
"type": "PACKAGE",
"url": "https://github.com/elastic/elasticsearch"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20200403-0004"
},
{
"type": "WEB",
"url": "https://www.elastic.co/community/security"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Improper Privilege Management in Elasticsearch"
}
GHSA-GG6C-59XW-8RHW
Vulnerability from github – Published: 2025-03-07 15:31 – Updated: 2025-03-07 15:31A vulnerability has been found in StarSea99 starsea-mall 1.0/2.X and classified as critical. Affected by this vulnerability is the function updateUserInfo of the file /personal/updateInfo of the component com.siro.mall.controller.mall.UserController. The manipulation of the argument userId leads to improper access controls. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
{
"affected": [],
"aliases": [
"CVE-2025-2089"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-03-07T15:15:15Z",
"severity": "MODERATE"
},
"details": "A vulnerability has been found in StarSea99 starsea-mall 1.0/2.X and classified as critical. Affected by this vulnerability is the function updateUserInfo of the file /personal/updateInfo of the component com.siro.mall.controller.mall.UserController. The manipulation of the argument userId leads to improper access controls. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.",
"id": "GHSA-gg6c-59xw-8rhw",
"modified": "2025-03-07T15:31:44Z",
"published": "2025-03-07T15:31:44Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-2089"
},
{
"type": "WEB",
"url": "https://vuldb.com/?ctiid.298903"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.298903"
},
{
"type": "WEB",
"url": "https://vuldb.com/?submit.514977"
},
{
"type": "WEB",
"url": "https://wiki.shikangsi.com/post/share/baecf028-1116-4600-ae9c-f655cc93c29b"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
Mitigation MIT-1
Very carefully manage the setting, management, and handling of privileges. Explicitly manage trust zones in the software.
Mitigation MIT-17
Strategy: Environment Hardening
Run your code using the lowest privileges that are required to accomplish the necessary tasks [REF-76]. If possible, create isolated accounts with limited privileges that are only used for a single task. That way, a successful attack will not immediately give the attacker access to the rest of the software or its environment. For example, database applications rarely need to run as the database administrator, especially in day-to-day operations.
No CAPEC attack patterns related to this CWE.