CWE-1220
Insufficient Granularity of Access Control
The product implements access controls via a policy or other feature with the intention to disable or restrict accesses (reads and/or writes) to assets in a system from untrusted agents. However, implemented access controls lack required granularity, which renders the control policy too broad because it allows accesse…
Official CWE-1220 definition at MITREImpactr finds and proves weaknesses like CWE-1220 in your web apps and APIs - investigating, chaining, and validating each with a reproducible exploit.
Join the waitlist