DerScanner
Home / Vulnerability Database / Scala : Missing authorization
Scala

Scala : Missing authorization

Classification

OWASP Top 10 2017
A5-Broken Access Control
OWASP Top 10 2021
A1-Broken Access Control
OWASP ASVS
Error Handling and LoggingAccess ControlAccess ControlAccess ControlAccess Control
CWE
CWE-285CWE-306CWE-732CWE-862
CWE/SANS Top 25 2011
CWE-306CWE-732CWE-862
CWE/SANS Top 25 2021
CWE-306CWE-732CWE-862

Overview

The software does not perform an authorization check when an actor attempts to access a resource or perform an action.

When access control checks are not applied, this can lead to a wide range of problems, including information exposures, denial of service, and arbitrary code execution.

Missing authorization weaknesses may arise when a single-user application is ported to a multi-user environment.

References

  1. CWE-862: Missing Authorization
LOW

DerScanner Severity Score

Do you want to fix Scala : Missing authorization in your application?

See also

Scala

Scala : Unreleased resource stream

Scala

Scala : Multiple loggers in same class

Scala

Scala : Insufficient encryption key length