CWE-842: Placement of User into Incorrect Group
low-riskThe product or the administrator places a user into an incorrect group.
Abstraction: Base
Common Consequences
Access Control
→
Gain Privileges or Assume Identity
Real-World Examples (8)
| CVE | CVSS | EPSS | KEV |
|---|---|---|---|
| CVE-2022-31007 | 4.9 | 13.1% | — |
| CVE-2024-10082 | 8.7 | 0.4% | — |
| CVE-2024-25632 | 8.6 | 0.3% | — |
| CVE-2022-45097 | 6.3 | 0.3% | — |
| CVE-2023-25575 | 7.7 | 0.2% | — |
| CVE-2022-2990 | 7.1 | 0.1% | — |
| CVE-2022-2989 | 7.1 | 0.0% | — |
| CVE-2022-3650 | 7.8 | 0.0% | — |
4
/ 100
low-risk
Active Threat
4/50 · Minimal
Exploit Availability
0/50 · Minimal