An application uses application-specific access control and users must authenticate with their own credentials to gain their allowed level of access to the application. A user was able to log into the application using another user's credentials and received an elevated level of privileges due to this. According to the STRIDE threat model, what type of threat is this?