CWE-283: Unverified Ownership

Export to Word

Description

The product does not properly verify that a critical resource is owned by the proper entity.

Extended Description

N/A

ThreatScore

Threat Mapped score: 1.8

Industry: Finiancial

Threat priority: P4 - Informational (Low)

Observed Examples (CVEs)

CVE: CVE-2001-0178

Program does not verify the owner of a UNIX socket that is used for sending a password.
CVE: CVE-2004-2012

Owner of special device not checked, allowing root.

Related Attack Patterns (CAPEC)

N/A

Attack TTPs

N/A

Modes of Introduction

Phase	Note
Architecture and Design	REALIZATION: This weakness is caused during implementation of an architectural security tactic.

Common Consequences

Impact: Gain Privileges or Assume Identity — Notes: An attacker could gain unauthorized access to system resources.

Potential Mitigations

Architecture and Design: Very carefully manage the setting, management, and handling of privileges. Explicitly manage trust zones in the software. (N/A)
Architecture and Design: Consider following the principle of separation of privilege. Require multiple conditions to be met before permitting access to a system resource. (N/A)

Applicable Platforms

None (Not Language-Specific, Undetermined)

Demonstrative Examples

Intro: This function is part of a privileged program that takes input from users with potentially lower privileges.

Body: This code does not confirm that the process to be killed is owned by the requesting user, thus allowing an attacker to kill arbitrary processes.

def killProcess(processID): os.kill(processID, signal.SIGKILL)

Notes

Relationship: This overlaps insufficient comparison, verification errors, permissions, and privileges.

← Back to CWE list