https://wiki.owasp.org/index.php?action=history&feed=atom&title=Multiple_admin_levels 2026-04-11T10:02:09Z Revision history for this page on the wiki MediaWiki 1.27.2 https://wiki.owasp.org/index.php?title=Multiple_admin_levels&diff=79008&oldid=prev 2010-02-27T20:20:11Z

<p>Created page with &#039; {{Template:Vulnerability}} Last revision (02/27/10): &#039;&#039;&#039;{{FEB}}/{{27}}/{{2010}}&#039;&#039;&#039; <a href="/index.php?title=ASDR_TOC_Vulnerabilities&amp;action=edit&amp;redlink=1" class="new" title="ASDR TOC Vulnerabilities (page does not exist)">Vulnerabilities Table of Contents</a> ==Description== In an applic…&#039;</p> <p><b>New page</b></p><div><br /> {{Template:Vulnerability}}<br /> Last revision (02/27/10): '''{{FEB}}/{{27}}/{{2010}}'''<br /> <br /> [[ASDR_TOC_Vulnerabilities|Vulnerabilities Table of Contents]]<br /> <br /> ==Description==<br /> <br /> In an application with administrators that have the ability to alter login credentials of users, if there are multiple levels of administrator permissions, there needs to be a control preventing administrators with lower permission levels from altering login credentials of higher level admins.<br /> <br /> <br /> ==Risk Factors==<br /> <br /> * Likelihood of this happening relies on an attacker getting control of a lower level admin account in the first place. <br /> * Administrator misconduct or mistakes could be made worse if they could easily escalate their own permissions.<br /> * There is no point to create administrators with different levels of permissions if you don't prevent them from easily escalating their own permissions.</div>

Allison Nixon