Automated static analysis, commonly referred to as Static Application Security Testing (SAST), can find some instances of this weakness by analyzing source code (or binary/compiled code) without having to execute it. Typically, this is done by building a model of data flow and control flow, then searching for potentially-vulnerable patterns that connect "sources" (origins of input) with "sinks" (destinations where the data interacts with external components, a lower layer such as the OS, etc.)
CWE-282 Classe Brouillon
Improper Ownership Management
This vulnerability occurs when a system incorrectly assigns or fails to verify which user or process rightfully controls a specific object or resource.
Définition
What is CWE-282?
This vulnerability occurs when a system incorrectly assigns or fails to verify which user or process rightfully controls a specific object or resource.
At its core, this flaw is about broken trust in access control. It happens when software doesn't properly track or validate the true 'owner' of a file, memory block, database record, or system object. This can allow unauthorized users to delete, modify, or access resources they shouldn't, simply because the system believes they own them. Think of it as handing your house keys to a stranger because a faulty system incorrectly listed them as the homeowner.
For developers, the main risk is that operations which should be restricted to a resource's creator—like deletion or permission changes—become available to others. To prevent this, always explicitly validate ownership through a trusted authority (like a kernel or central service) before performing sensitive actions. Never rely on unverified user-supplied claims or transient identifiers that can be forged or reused. Implement clear, centralized ownership lifecycle management for all critical resources.
Impact réel
Real-world CVEs caused by CWE-282
-
Program runs setuid root but relies on a configuration file owned by a non-root user.
Comment les attaquants l'exploitent
Parcours de l'attaquant étape par étape
- 1
This function is part of a privileged program that takes input from users with potentially lower privileges.
- 2
This code does not confirm that the process to be killed is owned by the requesting user, thus allowing an attacker to kill arbitrary processes.
- 3
This function remedies the problem by checking the owner of the process before killing it:
Exemple de code vulnérable
Vulnerable Python
This function is part of a privileged program that takes input from users with potentially lower privileges.
def killProcess(processID):
os.kill(processID, signal.SIGKILL) Exemple de code sécurisé
Secure Python
This function remedies the problem by checking the owner of the process before killing it:
def killProcess(processID):
user = getCurrentUser()
```
#Check process owner against requesting user*
if getProcessOwner(processID) == user:
```
os.kill(processID, signal.SIGKILL)
return
else:
print("You cannot kill a process you don't own")
return What changed: the unsafe sink is replaced (or the input is validated/escaped) so the same payload no longer triggers the weakness.
Liste de contrôle de prévention
How to prevent CWE-282
- Architecture and Design / Operation Very carefully manage the setting, management, and handling of privileges. Explicitly manage trust zones in the software.
Signaux de détection
How to detect CWE-282
Plexicus détecte automatiquement CWE-282 et ouvre une PR de correction en moins de 60 secondes.
Codex Remedium analyse chaque commit, identifie cette faiblesse précise et livre une pull request prête à être relue avec le correctif. Pas de tickets. Pas de transferts.
Questions fréquentes Qu'est-ce que CWE-282 ?
Quelle est la gravité de CWE-282 ?
Quels langages ou plateformes sont affectés par CWE-282 ?
Comment puis-je prévenir CWE-282 ?
Comment Plexicus détecte et corrige CWE-282 ?
Où puis-je en savoir plus sur CWE-282 ?
Frequently asked questions
Qu'est-ce que CWE-282 ?
This vulnerability occurs when a system incorrectly assigns or fails to verify which user or process rightfully controls a specific object or resource.
Quelle est la gravité de CWE-282 ?
MITRE n'a pas publié de note de probabilité d'exploitation pour cette faiblesse. Traitez-la comme un impact moyen jusqu'à ce que votre modèle de menace prouve le contraire.
Quels langages ou plateformes sont affectés par CWE-282 ?
MITRE n'a pas spécifié les plateformes affectées pour ce CWE — il peut s'appliquer à la plupart des stacks applicatives.
Comment puis-je prévenir CWE-282 ?
Very carefully manage the setting, management, and handling of privileges. Explicitly manage trust zones in the software.
Comment Plexicus détecte et corrige CWE-282 ?
Le moteur SAST de Plexicus reconnaît la signature de flux de données de CWE-282 à chaque commit. Lorsqu'une correspondance est trouvée, notre agent Codex Remedium ouvre une PR de correction avec le code corrigé, les tests et un résumé d'une ligne pour le relecteur.
Où puis-je en savoir plus sur CWE-282 ?
MITRE publie la définition canonique à https://cwe.mitre.org/data/definitions/282.html. Vous pouvez également consulter la documentation OWASP et NIST pour des conseils adjacents.
Faiblesses associées
Weaknesses related to CWE-282
CWE-284 Parent
Improper Access Control
The software fails to properly limit who can access a resource, allowing unauthorized users or systems to interact with it.
CWE-1191 Frère
On-Chip Debug and Test Interface With Improper Access Control
This vulnerability occurs when a hardware chip's debug or test interface (like JTAG) lacks proper access controls. Without correct…
CWE-1220 Frère
Insufficient Granularity of Access Control
This vulnerability occurs when a system's access controls are too broad, allowing unauthorized users or processes to read or modify…
CWE-1224 Frère
Improper Restriction of Write-Once Bit Fields
This vulnerability occurs when hardware write-once protection mechanisms, often called 'sticky bits,' are incorrectly implemented,…
CWE-1231 Frère
Improper Prevention of Lock Bit Modification
This vulnerability occurs when hardware or firmware uses a lock bit to protect critical system registers or memory regions, but fails to…
CWE-1233 Frère
Security-Sensitive Hardware Controls with Missing Lock Bit Protection
This vulnerability occurs when a hardware device uses a lock bit to protect critical configuration registers, but the lock fails to…
CWE-1252 Frère
CPU Hardware Not Configured to Support Exclusivity of Write and Execute Operations
This vulnerability occurs when a CPU's hardware is not set up to enforce a strict separation between writing data to memory and executing…
CWE-1257 Frère
Improper Access Control Applied to Mirrored or Aliased Memory Regions
This vulnerability occurs when a hardware design maps the same physical memory to multiple addresses (aliasing or mirroring) but fails to…
CWE-1259 Frère
Improper Restriction of Security Token Assignment
This vulnerability occurs when a System-on-a-Chip (SoC) fails to properly secure its Security Token mechanism. These tokens control which…
Prêt quand vous l'êtes
Arrêtez de payer par développeur.
Commencez à fermer la boucle.
Plexicus est l'ASPM natif IA qui scanne, filtre, corrige, penteste et explique — de façon autonome. Développeurs illimités, dépôts illimités, actions IA à usage équitable. Vrai niveau gratuit, €269/mo annuel quand vous êtes prêt.