F031. Excessive privileges

Description

The application, a user or a role have more privileges than they require. This can be leveraged by an attacker to execute normally restricted actions on a system.

Rules

  1. R186. Use the principle of least privilege

  2. R095. Define users with privileges

  3. R096. Set user required privileges

OWASP logo

Corporate member of The OWASP Foundation

Clutch Review

Copyright © 2021 Fluid Attacks, We hack your software. All rights reserved.

Service status - Terms of Use - Privacy Policy - Cookie Policy