CWE-286
Overview
- CWE ID
- 286
- CWE Name
- Incorrect User Management
- CWE Abstraction
- Class
- CWE structure
- Simple
- CWE Status
- Incomplete
Description
The software does not properly manage a user within its environment.
Extended Description
Users can be assigned to the wrong group (class) of permissions resulting in unintended access rights to sensitive objects.
Related CWEs
| CWE ID | View ID | Nature | Ordinal |
|---|---|---|---|
| 284 | 1000 | ChildOf | Primary |