CWE-282: Improper Ownership Management

Export to Word

Description

The product assigns the wrong ownership, or does not properly verify the ownership, of an object or resource.

Extended Description

N/A

ThreatScore

Threat Mapped score: 1.8

Industry: Finiancial

Threat priority: P4 - Informational (Low)

Observed Examples (CVEs)

CVE: CVE-1999-1125

Program runs setuid root but relies on a configuration file owned by a non-root user.

Related Attack Patterns (CAPEC)

Attack TTPs

T1027.009 — Embedded Payloads (defense-evasion)
T1574.005 — Executable Installer File Permissions Weakness (persistence, privilege-escalation, defense-evasion)
T1574.010 — Services File Permissions Weakness (persistence, privilege-escalation, defense-evasion)
T1564.009 — Resource Forking (defense-evasion)
T1027.006 — HTML Smuggling (defense-evasion)

Malware

APTs (Intrusion Sets)

Modes of Introduction

Phase	Note
Architecture and Design	REALIZATION: This weakness is caused during implementation of an architectural security tactic.

Common Consequences

Impact: Gain Privileges or Assume Identity — Notes:

Potential Mitigations

Architecture and Design: Very carefully manage the setting, management, and handling of privileges. Explicitly manage trust zones in the software. (N/A)

Applicable Platforms

None (Not Language-Specific, Undetermined)

Demonstrative Examples

Intro: This function is part of a privileged program that takes input from users with potentially lower privileges.

Body: This code does not confirm that the process to be killed is owned by the requesting user, thus allowing an attacker to kill arbitrary processes.

def killProcess(processID): os.kill(processID, signal.SIGKILL)

Notes

Maintenance: The relationships between privileges, permissions, and actors (e.g. users and groups) need further refinement within the Research view. One complication is that these concepts apply to two different pillars, related to control of resources (CWE-664) and protection mechanism failures (CWE-693).

← Back to CWE list