CWE-286: Incorrect User Management

ClassIncomplete

The product does not properly manage a user within its environment.

View on MITRE
Back to CWE Lookup

Extended Description

Users can be assigned to the wrong group (class) of permissions resulting in unintended access rights to sensitive objects.

Technical Details

Structure
Simple

Applicable To

Languages
Not Language-Specific
Platforms

Learn More

Find Related CVEs

Search for vulnerabilities that exploit CWE-286

CVE vs CWE: What's the Difference?

Understanding vulnerabilities vs weaknesses

Understanding CVSS Scoring

How vulnerability severity is measured

View Full MITRE Entry

Complete technical details and references