CWE-556
ASP.NET Misconfiguration: Use of Identity Impersonation
VariantIncomplete
Description
Configuring an ASP.NET application to run with impersonated credentials may give the application unnecessary privileges.
The use of impersonated credentials allows an ASP.NET application to run with either the privileges of the client on whose behalf it is executing or with arbitrary privileges granted in its configuration.
Hierarchy (View 1000)
Parents
Children
none
CVEs mapped to this weakness (0)
No CVEs match the current filter.