GLOSSARY
Broken Access Control (BAC)
Broken Access Control occurs when an application does not thoroughly restrict user permissions for appropriate access to administrative functionality. The consequences associated with broken access control may include viewing of unauthorized content, modification or deletion of content, or full application takeover. A few examples of common access control vulnerabilities are role-based access, poor password management, insecure IDs, forced browsing past access control checks, path traversal, file permissions, and client-side caching.
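The sketch below is an added example, not part of the glossary entry: it puts two of the listed weaknesses (insecure IDs and forced browsing to an administrative function) beside handlers that enforce the check on the server. The `User` type, the role names, the invoice records and all function names are hypothetical and constructed for illustration.

```python
from dataclasses import dataclass


class Forbidden(Exception):
    """Raised when the caller is not authorized for the requested action."""


@dataclass(frozen=True)
class User:
    id: int
    role: str  # "user" or "admin" (hypothetical roles)


def new_store():
    # Constructed sample records: invoice id -> owner and content.
    return {101: {"owner_id": 1, "body": "alice: 40.00"},
            102: {"owner_id": 2, "body": "bob: 99.00"}}


def get_invoice_vulnerable(store, user, invoice_id):
    # Broken: being logged in is treated as enough. The id comes from the
    # client, so any user can read any record by changing it.
    return store[invoice_id]["body"]


def get_invoice(store, user, invoice_id):
    # Fixed: object-level check on every request. A missing record and a
    # record owned by someone else get the same answer, so ids cannot be probed.
    record = store.get(invoice_id)
    if record is None or (record["owner_id"] != user.id and user.role != "admin"):
        raise Forbidden("invoice not available")
    return record["body"]


def delete_invoice_vulnerable(store, user, invoice_id):
    # Broken: the admin-only action relies on the UI hiding the link; the
    # handler itself never checks the caller's role (forced browsing).
    return store.pop(invoice_id, None) is not None


def delete_invoice(store, user, invoice_id):
    # Fixed: the role is checked server-side before any state changes.
    if user.role != "admin":
        raise Forbidden("admin role required")
    return store.pop(invoice_id, None) is not None
```

In both fixed handlers the decision is made from server-side state (the record's owner and the caller's role), never from what the client chose to send or display.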
Related Resources:
[Bugcrowd University] Broken Access Control Testing
[Guide] The Ultimate Guide to Managed Bug Bounty