This category identifies Software Fault Patterns (SFPs) within the Privilege cluster (SFP36).
| Nature | Mapping | Type | ID | Name |
|---|---|---|---|---|
| MemberOf | Prohibited | V | 888 | Software Fault Pattern (SFP) Clusters |
| HasMember | Allowed | B | 250 | Execution with Unnecessary Privileges |
| HasMember | Allowed | B | 266 | Incorrect Privilege Assignment |
| HasMember | Allowed | B | 267 | Privilege Defined With Unsafe Actions |
| HasMember | Allowed | B | 268 | Privilege Chaining |
| HasMember | Discouraged | C | 269 | Improper Privilege Management |
| HasMember | Allowed | B | 270 | Privilege Context Switching Error |
| HasMember | Allowed-with-Review | C | 271 | Privilege Dropping / Lowering Errors |
| HasMember | Allowed | B | 272 | Least Privilege Violation |
| HasMember | Discouraged | B | 274 | Improper Handling of Insufficient Privileges |
| HasMember | Allowed | V | 520 | .NET Misconfiguration: Use of Impersonation |
| HasMember | Allowed | C | 653 | Improper Isolation or Compartmentalization |
| HasMember | Allowed | V | 9 | J2EE Misconfiguration: Weak Access Permissions for EJB Methods |
This entry is a Category. Using categories for mapping has been discouraged since 2019. Categories are informal organizational groupings of weaknesses that can help CWE users with data aggregation, navigation, and browsing. However, they are not weaknesses in themselves.
See member weaknesses of this category.
| Taxonomy Name | Entry ID | Fit | Entry Name |
|---|