CWE-732 - CERT CVE

CWE-732 - Incorrect Permission Assignment for Critical Resource

The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.

CAPEC ID Naziv
CAPEC-1 Accessing Functionality Not Properly Constrained by ACLs
CAPEC-122 Privilege Abuse
CAPEC-127 Directory Indexing
CAPEC-17 Using Malicious Files
CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels
CAPEC-206 Signing Malicious Code
CAPEC-234 Hijacking a privileged process
CAPEC-60 Reusing Session IDs (aka Session Replay)
CAPEC-61 Session Fixation
CAPEC-62 Cross Site Request Forgery
CAPEC-642 Replace Binaries