Cyber Resilience

CWE · MITRE source

CWE-283Unverified Ownership

Abstraction: Base · CVEs in our corpus: 23

The product does not properly verify that a critical resource is owned by the proper entity.

Last updated: 04 July 2026 00:28 UTC

Cumulative inbound coverage

How completely the frameworks we cross-walk collectively cover this — the verdict is the strongest single mapping (overlapping partials are not summed); breadth shows the corroboration behind it.

Collective: mostly · 3 mapping(s) from 3 framework(s): OWASP-Web 1 (mostly) · STIG windows server 2016 1 (partial) · STIG windows server 2019 1 (partial)

See the full cumulative-coverage rollup →

OWASP Top 10 for Web (2025)

This weakness contributes to A01:2025 Broken Access Control.

NIST 800-53 r5 controls that address this weakness (0)AI

Control Title Family Why it addresses this CWE
No NIST controls proposed yet.

Top CVEs of this weakness type, ranked by Risk Priority

CVE Risk CVSS EPSS Published
CVE-2024-279037.09.80.08922024-07-08
CVE-2026-20912 UPD7.09.10.00422026-01-22
CVE-2021-245005.58.10.00652021-08-09
CVE-2021-245015.58.10.01252021-08-09
CVE-2025-47940 UPD5.57.20.00382025-05-20
CVE-2025-43882 UPD5.57.80.00122025-08-27
CVE-2026-260165.58.10.00322026-02-19
CVE-2026-297885.57.50.00262026-03-06
CVE-2026-42695.57.50.00242026-03-16
CVE-2020-85543.56.30.09272021-01-21
CVE-2022-292203.56.50.00462022-05-31
CVE-2024-1853 UPD3.55.50.00202024-03-14
CVE-2025-10073.55.30.00472025-02-19
CVE-2025-9822 UPD3.55.50.00222025-09-03
CVE-2025-360913.54.30.00312025-11-03
CVE-2025-128153.54.30.00262025-11-06
CVE-2026-05983.54.20.00222026-02-06
CVE-2026-274863.55.30.00292026-02-21
CVE-2026-403373.55.10.00152026-04-18
CVE-2026-44562 UPD3.56.50.00292026-05-15
CVE-2026-44707 UPD3.56.80.00342026-05-26
CVE-2023-305441.63.90.00422023-04-24
CVE-2023-60681.53.10.00342024-03-04