Improper Privilege Management

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

When privileges are not properly managed, users may gain access to resources or functionality they should not have. This includes privilege escalation and improper role assignment.

Prevalence: High (frequently exploited)
Impact: High (2 high-severity rules)
Prevention: Documented (2 fix examples)

2 Prevention

How to fix this vulnerability

Default Privilege Assignment in User Creation (HIGH)

Create users with least-privilege defaults and require explicit admin action for privilege elevation.

+4 -4 python
  def register(request):
      data = request.get_json()
-     user = User.objects.create(
-         username=data['username'],
-         email=data['email'],
-         is_staff=True,
+     user = User.objects.create_user(
+         username=data['username'],
+         email=data['email'],
+         password=data['password'],
      )
      return {'status': 'created'}
  
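Review bot: the new `create_user` call reads `data['password']` straight from the request body without checking that it is present or acceptable; a missing key raises `KeyError` (a 500 instead of a 400) and an empty or weak value is accepted as-is. Validate the field before the call, for example with Django's `django.contrib.auth.password_validation.validate_password`, and answer with a 4xx on failure. The switch from `create` to `create_user` is the right fix for the privilege point itself: it hashes the password and leaves `is_staff` and `is_superuser` at their `False` defaults, so any elevation has to happen in a separately guarded step rather than at registration.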
Missing Role/Permission Checks (HIGH)

Use permission decorators to verify user roles before any privilege modification.

+5 -3 python
- from django.http import JsonResponse
- from django.contrib.auth.models import User
- 
+ from django.contrib.auth.decorators import permission_required
+ from django.http import JsonResponse
+ from django.contrib.auth.models import User
+ 
+ @permission_required('auth.change_user', raise_exception=True)
  def promote_user(request, user_id):
      user = User.objects.get(id=user_id)
      user.is_staff = True
      user.save()
      return JsonResponse({'status': 'promoted'})
  
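Review bot: `user = User.objects.get(id=user_id)` still raises `User.DoesNotExist` for an unknown id, which surfaces as a 500; `get_object_or_404` gives the correct 404. The view also accepts any HTTP method for a state-changing action, so a plain GET can trigger the promotion; add `@require_POST` from `django.views.decorators.http` so the request is covered by CSRF protection. On the permission itself, `auth.change_user` is Django's general "edit user records" permission, which is broader than "may grant staff status"; consider a dedicated permission for staff promotion and an audit log entry recording who promoted whom, since the decorator as written lets anyone who can edit a profile also elevate it.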
3 Detection

Find vulnerabilities in your code

Use Shoulder to scan your codebase for Improper Privilege Management patterns (2 rules).

terminal
# Scan with Shoulder CLI
npx @shoulderdev/cli trust --cwe=269

# Or scan entire project
npx @shoulderdev/cli trust .

4 Warning Signs

What to watch for in code reviews

These patterns indicate potential Improper Privilege Management vulnerabilities. Look for these during code reviews and security audits.

- User creation flows that assign elevated privileges by default (rule: python-default-privilege-assignment)
- Privileged operations like role modification without verifying user permissions (rule: python-privilege-escalation)
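As an added illustration of the two warning signs above (not Shoulder's own rules, which are not published on this page), here is a small AST-based checker in pure Python that flags creation calls passing `is_staff`/`is_superuser` as `True` and privilege-flag writes inside views that carry no permission decorator. The sample source, the `GUARDS` set and the rule ids are assumptions that reuse the names on this page; the checker itself is a hypothetical reimplementation.

```python
import ast
# Constructed sample (not code from the page or from Shoulder's own rules).
SAMPLE = '''from django.contrib.auth.decorators import permission_required

def register(request):
    data = request.get_json()
    user = User.objects.create(username=data['username'], is_staff=True)
    return {'status': 'created'}

def promote_user(request, user_id):
    user = User.objects.get(id=user_id)
    user.is_staff = True
    user.save()

@permission_required('auth.change_user', raise_exception=True)
def promote_checked(request, user_id):
    user = User.objects.get(id=user_id)
    user.is_superuser = True
    user.save()
'''

PRIV_FLAGS = {'is_staff', 'is_superuser'}   # Django's privilege flags
GUARDS = {'permission_required', 'user_passes_test', 'staff_member_required'}

def _decorator_names(func):
    # Bare decorator names, with call arguments such as ('auth.change_user') stripped.
    names = set()
    for dec in func.decorator_list:
        node = dec.func if isinstance(dec, ast.Call) else dec
        names.add(node.attr if isinstance(node, ast.Attribute) else getattr(node, 'id', ''))
    return names

def find_privilege_issues(source):
    # Returns (rule_id, line) pairs for the two warning signs listed above.
    findings = []
    for func in ast.walk(ast.parse(source)):
        if not isinstance(func, ast.FunctionDef):
            continue
        guarded = bool(_decorator_names(func) & GUARDS)
        for node in ast.walk(func):
            # Warning sign 1: a creation call that passes a privilege flag as True.
            if isinstance(node, ast.Call):
                for kw in node.keywords:
                    if kw.arg in PRIV_FLAGS and isinstance(kw.value, ast.Constant) and kw.value.value is True:
                        findings.append(('python-default-privilege-assignment', node.lineno))
            # Warning sign 2: a privilege flag written in a view with no permission decorator.
            elif isinstance(node, ast.Assign) and not guarded:
                if any(isinstance(t, ast.Attribute) and t.attr in PRIV_FLAGS for t in node.targets):
                    findings.append(('python-privilege-escalation', node.lineno))
    return findings
```

Running `find_privilege_issues(SAMPLE)` reports the `create(... is_staff=True)` call and the unguarded `user.is_staff = True` write, while the decorated `promote_checked` view is left alone.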