CWE-272 – Least Privilege Violation


Description

The elevated privilege level required to perform operations such as chroot() should be dropped immediately after the operation is performed.
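The pattern described above, as an added example in C that is not part of the CWE entry or this page: chroot() is the only step performed as root, and root is dropped and verified before any caller-supplied input is handled. The function names, the jail path /var/empty and UID/GID 65534 are assumptions chosen for illustration.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE 1   /* exposes chroot() and setgroups() on glibc */
#endif
#include <errno.h>
#include <grp.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Permanently give up root: supplementary groups, then GID, then UID.
 * The order matters; after setuid() the process can no longer change groups. */
int drop_privileges(uid_t uid, gid_t gid)
{
    if (uid == 0 || gid == 0) {          /* refuse to "drop" to root */
        errno = EINVAL;
        return -1;
    }
    if (setgroups(0, NULL) != 0) return -1;
    if (setgid(gid) != 0) return -1;
    if (setuid(uid) != 0) return -1;     /* as root: sets real, effective and saved UID */
    /* Verify: IDs match the target and root cannot be regained. */
    if (getuid() != uid || geteuid() != uid) return -1;
    if (getgid() != gid || getegid() != gid) return -1;
    if (setuid(0) == 0) { errno = EPERM; return -1; }
    return 0;
}

/* Enter the jail and drop root before any untrusted input is handled. */
int enter_jail(const char *dir, uid_t uid, gid_t gid)
{
    if (uid == 0 || gid == 0) { errno = EINVAL; return -1; }
    if (chroot(dir) != 0) return -1;     /* the one step that needs root */
    if (chdir("/") != 0) return -1;      /* do not keep a cwd outside the jail */
    return drop_privileges(uid, gid);    /* immediately after chroot() */
}

int main(int argc, char **argv)
{
    /* Constructed sample values: jail path and UID/GID 65534 are assumptions. */
    if (enter_jail("/var/empty", 65534, 65534) != 0) {
        perror("enter_jail");
        return 1;                        /* fail closed: never continue as root */
    }
    /* Only now open files named by the caller, e.g. argv[1]. */
    if (argc > 1) { FILE *f = fopen(argv[1], "r"); if (f) fclose(f); }
    return 0;
}
```

Every return value is checked because a failed setuid() or setgid() that goes unnoticed leaves the process running with the elevated privilege.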

Modes of Introduction:

– Architecture and Design

 

 

Related Weaknesses

CWE-271

 

Consequences

Access Control, Confidentiality: Gain Privileges or Assume Identity, Read Application Data, Read Files or Directories

An attacker may be able to access resources with the elevated privilege that could not be accessed with the attacker’s original privileges. This is particularly likely in conjunction with another flaw, such as a buffer overflow.

 

Potential Mitigations

Phase: Architecture and Design, Operation

Description: 

Very carefully manage the setting and handling of privileges. Explicitly manage trust zones in the software.

Phase: Architecture and Design

Description: 

Follow the principle of least privilege when assigning access rights to entities in a software system.

Phase: Architecture and Design

Description: 

CVE References