CWE-281

Improper Preservation of Permissions

Base

Draft

Description

The product does not preserve permissions or incorrectly preserves permissions when copying, restoring, or sharing objects, which can cause them to have less restrictive permissions than intended.

Parent Weaknesses (ChildOf)

CWE-732: Incorrect Permission Assignmen...

Common Consequences

Scope

Confidentiality

Integrity

Impact

Read Application Data, Modify Application Data

CVE-2002-2323

Incorrect ACLs used when restoring backups from directories that use symbolic links.

CVE-2001-1515

Automatic modification of permissions inherited from another file system.

CVE-2005-1920

Permissions on backup file are created with defaults, possibly less secure than original file.

CVE-2001-0195

File is made world-readable when being cloned.

Applicable Platforms

Not Language-Specific

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CWE-281

Improper Preservation of Permissions

Description

Relationships

Common Consequences

Related CVEs

Applicable Platforms