|
|
|
CWE CATEGORY: Permissions, Privileges, and Access Controls
Category ID: 264
Vulnerability Mapping:
PROHIBITED
This CWE ID must not be used to map to real-world vulnerabilities
|
Summary
Weaknesses in this category are related to the management of permissions, privileges, and other security features that are used to perform access control.
Membership
Vulnerability Mapping Notes
Usage:
PROHIBITED
(this CWE ID must not be used to map to real-world vulnerabilities)
|
Reason:
Category
|
Rationale:
This entry is a Category. Using categories for mapping has been discouraged since 2019. Categories are informal organizational groupings of weaknesses that can help CWE users with data aggregation, navigation, and browsing. However, they are not weaknesses in themselves [REF-1287]. This CWE ID may have become widely-used because of NIST's usage in NVD from 2008 to 2016 (see CWE-635 view, updated to the CWE-1003 view in 2016).
|
Comments: Some weakness-oriented alternatives might be found as descendants under Improper Access Control (CWE-284). Note: use of CWE-284 is Discouraged; see CWE-284's Mapping Notes.
|
Notes
Maintenance
This entry heavily overlaps other categories and has been marked obsolete.
References
More information is available — Please edit the custom filter or select a different filter.
|