Variant · Low-Medium

CWE-560: Use of umask() with chmod-style Argument


Description

The product calls umask() with an incorrect argument that is specified as if it is an argument to chmod().

Potential Impact

Confidentiality, Integrity, Access Control

Read Files or Directories, Modify Files or Directories, Bypass Protection Mechanism

Mitigations & Prevention

Implementation

Use umask() with the correct argument.
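The difference between the two argument styles, as an added example that is not part of the CWE entry: a file is created with a requested mode of 0666, first under the chmod-style value 0640 and then under its complement. The helper names and the scratch path are hypothetical, and the code assumes a writable /tmp with no default ACL.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* umask() takes the bits to REMOVE from a new file's mode, so the mask
 * is the complement of the chmod-style permissions you want. */
static mode_t umask_for_mode(mode_t desired) {
    return (mode_t)(~desired & 0777);
}

/* Create a scratch file requesting 0666 under `mask` and return the
 * permission bits actually assigned, or (mode_t)-1 on error. */
static mode_t mode_created_under(mode_t mask) {
    char path[] = "/tmp/cwe560-demo-XXXXXX";  /* constructed scratch name */
    struct stat st;
    mode_t result = (mode_t)-1;

    /* mkstemp() only reserves a unique name here; the file is recreated
     * with open() so that the mask under test decides the final mode. */
    int fd = mkstemp(path);
    if (fd < 0) return result;
    close(fd);
    unlink(path);

    mode_t saved = umask(mask);
    fd = open(path, O_CREAT | O_EXCL | O_WRONLY, 0666);
    umask(saved);                             /* restore the caller's mask */
    if (fd < 0) return result;
    if (fstat(fd, &st) == 0) result = st.st_mode & 0777;
    close(fd);
    unlink(path);
    return result;
}

int main(void) {
    mode_t want = 0640;                       /* rw-r----- is the intent */
    /* Weak: chmod-style argument; owner loses access, others gain write. */
    printf("umask(%04o) -> %04o\n", (unsigned)want,
           (unsigned)mode_created_under(want));
    /* Correct: pass the complement of the intended permissions. */
    printf("umask(%04o) -> %04o\n", (unsigned)umask_for_mode(want),
           (unsigned)mode_created_under(umask_for_mode(want)));
    return 0;
}
```

With the chmod-style argument the file ends up as 0026: the owner has no access while group can write and others can read and write, the opposite of the intended 0640.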

Detection Methods

  • Automated Static Analysis — If you suspect misuse of umask(), you can use grep to spot call instances of umask().

Frequently Asked Questions

What is CWE-560?

CWE-560 (Use of umask() with chmod-style Argument) is a software weakness identified by MITRE's Common Weakness Enumeration. It is classified as a Variant-level weakness. The product calls umask() with an incorrect argument that is specified as if it is an argument to chmod().

How can CWE-560 be exploited?

Attackers can exploit CWE-560 (Use of umask() with chmod-style Argument) to read files or directories, modify files or directories, or bypass protection mechanisms. This weakness is typically introduced during the Implementation phase of software development.

How do I prevent CWE-560?

Key mitigations include: Use umask() with the correct argument.

What is the severity of CWE-560?

CWE-560 is classified as a Variant-level weakness (Low-Medium abstraction). Its actual severity depends on the specific context and how the weakness manifests in your application.