Placement of User into Incorrect Group

Description

This vulnerability occurs when a system or administrator assigns a user to the wrong security group or role.

Extended Description

When a user is placed into a group with higher privileges than intended, they can bypass security controls. This allows unauthorized access to sensitive data, functions, or system resources that should be off-limits, effectively creating a privilege escalation path. Access control systems typically trust group assignments, so they won't flag this incorrect membership as malicious activity. This makes the issue hard to detect, allowing potential abuse to go unnoticed unless specific user actions are audited against their intended permissions.

Common Consequences 1

Scope: Access Control

Impact: Gain Privileges or Assume Identity

Observed Examples 6

CVE-1999-1193Operating system assigns user to privileged wheel group, allowing the user to gain root privileges.

CVE-2010-3716Chain: drafted web request allows the creation of users with arbitrary group membership.

CVE-2008-5397Chain: improper processing of configuration options causes users to contain unintended group memberships.

CVE-2007-6644CMS does not prevent remote administrators from promoting other users to the administrator group, in violation of the intended security model.

CVE-2007-3260Product assigns members to the root group, allowing escalation of privileges.

CVE-2002-0080Chain: daemon does not properly clear groups before dropping privileges.