Generic User Account Privilege Abuse
Variants:
Direct
Also Known As:
Privilege Escalation
Vector Type:
Attack
Relevance:
Generic
Layer:
Application-Level
Platforms:
Any
Target Type:
Application
Affected Mechanisms:
Secure Design
Invented In:
01/01/1999
Added In:
17/12/2014
Vector Operation Method:
Any abuse of semi-legitimate currently assigned roles to elevate privileges, or perform forbidden operations. For example - a low privileged clerk account that can create new user accounts by design, including admin users.
