Rules

F031. Excessive privileges

Description

The application, a user or a role have more privileges than they require. This can be leveraged by an attacker to execute normally restricted actions on a system.

Rules

R186. Use the principle of least privilege
R095. Define users with privileges
R096. Set user required privileges

We are a proud corporate member of the OWASP Foundation

Products
Integrates
Skims
Drills
Forces

Services
Continuous Hacking
One-shot Hacking
Comparative

Solutions
DevSecOps
Security Testing
Pentesting
Ethical Hacking
Red Teaming
Attack Simulation

About Us
Certifications
Differentiators
Values
Reviews
Resources
Events
People
Partners
Security

Blog
Careers
FAQ
Community
Contact
Newsletter

Number is valid Number is not valid

Please select an option

Service status - Terms of Use - Privacy Policy - Cookie Policy