4.1.2 Access controls cannot be manipulated by end usersΒΆ
Verify that all user and data attributes and policy information used by access controls cannot be manipulated by end users unless specifically authorized.
| Level 1 | X |
| Level 2 | X |
| Level 3 | X |
| CWE | NIST |
|---|---|
| 639 |