Tag Archives: CWE- 1267

CWE-1267 – Policy Uses Obsolete Encoding

Read Time:22 Second

Description

The product uses an obsolete encoding mechanism to implement access controls.

Modes of Introduction:

– Architecture and Design

 

 

Related Weaknesses

CWE-284

 

Consequences

Confidentiality, Integrity, Availability, Access Control: Modify Memory, Read Memory, Modify Files or Directories, Read Files or Directories, DoS: Resource Consumption (Other), Execute Unauthorized Code or Commands, Gain Privileges or Assume Identity, Bypass Protection Mechanism, Reduce Reliability

 

Potential Mitigations

Phase: Architecture and Design, Implementation

Effectiveness: High

Description: 

CVE References