CWE-274

Improper Handling of Insufficient Privileges

Base
Draft

Description

The product does not handle, or incorrectly handles, the case where it has insufficient privileges to perform an operation, leading to resultant weaknesses.

Common Consequences

Scope: Other

Impact: Other, Alter Execution Logic

CVE-2001-1564: System limits are not properly enforced after privileges are dropped.

CVE-2005-3286: Firewall crashes when it can't read a critical memory block that was protected by a malicious process.

CVE-2005-1641: Does not give admin sufficient privileges to overcome otherwise legitimate user actions.

Applicable Platforms

Not Language-Specific
