Excessive Permissions

medium

excessive-permissions

Services or users granted more permissions than necessary for their function

Elevation of PrivilegeInformation Disclosure

MITRE ATT&CK techniques

ID	Name	Tactic
T1078	Valid Accounts	Persistence

Common Weakness Enumeration

Mitigating controls

ctrl-excess-1: Implement principle of least privilege
ctrl-excess-2: Conduct regular permission audits
ctrl-excess-3: Use role-based access control (RBAC)
ctrl-excess-4: Implement just-in-time (JIT) access
ctrl-excess-5: Automate permission rightsizing

References

https://owasp.org/Top10/A01_2021-Broken_Access_Control/