CWE-286
Incorrect User Management
Description
The product does not properly manage a user within its environment.
Users can be assigned to the wrong group (class) of permissions resulting in unintended access rights to sensitive objects.
Consequences
Other
—
Varies by Context