CWE-556 · ASP.NET Misconfiguration: Use of Identity Impersonation

Scaner-VSvulnerability catalog · v4.2

Home Catalog Sources CWE CAPEC ATT&CK Mitigations Products Vendors Docs

← Back to List

CWE-556VariantIncomplete

Abstraction: Variant

Status: Incomplete

ASP.NET Misconfiguration: Use of Identity Impersonation

Configuring an ASP.NET application to run with impersonated credentials may give the application unnecessary privileges.

Open in catalog with CWE filter →

Related CAPECs

—

Related vulnerabilities

CVE-2024-37081The vCenter Server contains multiple local privilege escalation vulnerabilities due to misconfiguration of sudo. An authenticated local user with non-administrative privileges may exploit these issues to elevate privileges to root on vCenter Server Appliance.