The software does not properly manage a user within its
					environment.Users can be assigned to the wrong group (class) of permissions resulting
						in unintended access rights to sensitive objects.