Incorrect Ownership Assignment

Status: Incomplete
Abstraction: Base
Structure: Simple
Description

This vulnerability occurs when a system grants ownership of a resource to an entity that should not have that level of control, placing it outside the intended security boundary.

Extended Description

Incorrect ownership assignment happens when an application or system mistakenly gives administrative or privileged control over a resource—like a file, data object, or system component—to a user, process, or entity that isn't part of the trusted group meant to manage it. This often stems from flawed permission logic, missing validation checks, or misconfigured access control lists (ACLs) during resource creation or user provisioning. As a result, actors outside the intended security sphere can perform unauthorized actions such as modifying, deleting, or exfiltrating the resource. This breaks the core security principle of least privilege and can lead to data breaches, privilege escalation, or system compromise, as untrusted entities gain influence over assets they shouldn't control.

Common Consequences
Scope: Confidentiality, Integrity

Impact: Read Application Data, Modify Application Data

An attacker could read and modify data for which they do not have permissions to access directly.

Potential Mitigations
Phase: Policy
Periodically review the privileges and their owners.
Phase: Testing
Use automated tools to check for privilege settings.
Observed Examples
CVE-2007-5101: File system sets wrong ownership and group when creating a new file.
CVE-2007-4238: OS installs program with bin owner/group, allowing modification.
CVE-2007-1716: Manager does not properly restore ownership of a reusable resource when a user logs out, allowing privilege escalation.
CVE-2005-3148: Backup software restores symbolic links with incorrect uid/gid.
CVE-2005-1064: Product changes the ownership of files that a symlink points to, instead of the symlink itself.
CVE-2011-1551: Component assigns ownership of sensitive directory tree to a user account, which can be leveraged to perform privileged operations.
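The following is an added example, not part of the CWE entry, of the kind of automated ownership check the mitigations call for: it walks a directory tree, records each entry's owner without following symlinks (the CVE-2005-1064 pattern is stat()ing through a link), and flags anything owned outside a trusted uid/gid set; restore_owner shows the matching lchown-based fix. The tree it audits is constructed inside the script, and the uid/gid values in the comments are illustrative.

```python
import os
import stat
import tempfile
from typing import Iterable, List, Set, Tuple

Entry = Tuple[str, int, int, bool]  # (path, uid, gid, is_symlink)

def collect_entries(root: str) -> List[Entry]:
    """Record the owner of every entry under root without following symlinks.

    os.lstat is deliberate: stat()ing through a link reports the ownership of
    the target rather than of the link itself (the CVE-2005-1064 pattern).
    """
    entries: List[Entry] = []
    for dirpath, dirnames, filenames in os.walk(root, followlinks=False):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)
            entries.append((path, st.st_uid, st.st_gid, stat.S_ISLNK(st.st_mode)))
    return entries

def find_misowned(entries: Iterable[Entry], allowed_uids: Set[int],
                  allowed_gids: Set[int]) -> List[str]:
    """Return the paths whose owner or group lies outside the trusted set."""
    return [path for path, uid, gid, _ in entries
            if uid not in allowed_uids or gid not in allowed_gids]

def restore_owner(path: str, uid: int, gid: int) -> None:
    """Reassign ownership of the entry itself; lchown never follows a symlink,
    so a link left in the tree cannot redirect the change to another file."""
    os.lchown(path, uid, gid)

def audit_demo() -> Tuple[List[Entry], List[str]]:
    """Audit a constructed tree: one regular file plus a symlink pointing outside
    the tree. The link is judged by its own owner, so nothing is flagged."""
    with tempfile.TemporaryDirectory() as root:
        open(os.path.join(root, "config"), "w").close()
        os.symlink("/etc/passwd", os.path.join(root, "link"))  # points outside the tree
        entries = collect_entries(root)
        # New files take the process gid or, under setgid/BSD semantics, the
        # parent directory's gid; both are trusted for this demo.
        trusted_gids = {os.getgid(), os.lstat(root).st_gid}
        return entries, find_misowned(entries, {os.getuid()}, trusted_gids)

if __name__ == "__main__":
    print(audit_demo())
```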
Applicable Platforms
Languages:
Not Language-Specific: Undetermined
Modes of Introduction
Architecture and Design
Implementation
Operation
Notes
Maintenance: This overlaps verification errors, permissions, and privileges. A closely related weakness is the incorrect assignment of groups to a resource. It is not clear whether it would fall under this entry or require a different entry.