Description
Two distinct privileges, roles, capabilities, or rights can be combined in a way that allows an entity to perform unsafe actions that would not be allowed without that combination.
Latest vulnerabilities for CWE-268
References
Description of CWE-268 on Mitre website