CWE-273

Overview

CWE ID
273

CWE Name
Improper Check for Dropped Privileges

CWE Abstraction
Base

CWE structure
Simple

CWE Status
Incomplete

Description

The software attempts to drop privileges but does not check or incorrectly checks to see if the drop succeeded.

Extended Description

If the drop fails, the software will continue to run with the raised privileges, which might provide additional access to unprivileged users.

Related CWEs

CWE ID	View ID	Nature	Ordinal
754	1000	ChildOf	Primary
754	1003	ChildOf	Primary
271	1000	ChildOf
252	1000	PeerOf

Related CVEs

CVE
CVE-2019-18276
CVE-2021-36372
CVE-2019-20044
CVE-2018-8599
CVE-2020-14300
CVE-2020-14298
CVE-2019-14879
CVE-2011-3350
CVE-2011-2921
CVE-2012-1187
CVE-2018-16466
CVE-2020-24361
CVE-2017-6972
CVE-2015-0278
CVE-2021-3982
CVE-2021-37839
CVE-2022-0358
CVE-2023-5369
CVE-2024-38813
CVE-2024-38813
CVE-2024-38813
CVE-2024-38813
CVE-2024-38813
CVE-2024-38813
CVE-2024-38813
CVE-2024-38813
CVE-2024-38813
CVE-2024-38813
CVE-2024-38813
CVE-2024-38813
CVE-2024-38813
CVE-2024-38813
CVE-2024-38813
CVE-2024-38813
CVE-2024-38813
CVE-2024-38813
CVE-2023-0657