Back to CWE list
CWE-282
Improper Ownership Management
Class
Draft
Description
The product assigns the wrong ownership, or does not properly verify the ownership, of an object or resource.
Parent Weaknesses (ChildOf)
Common Consequences
Scope
Access Control
Impact
Gain Privileges or Assume Identity
Potential Mitigations
Architecture and Design
Operation
Very carefully manage the setting, management, and handling of privileges. Explicitly manage trust zones in the software.
CVE-1999-1125Program runs setuid root but relies on a configuration file owned by a non-root user.
Applicable Platforms
Not Language-Specific
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now