<?xml version="1.0" encoding="UTF-8"?>
<library ref="stride" name="STRIDE with CAPEC" revision="1" tags="">
<desc/>
<categoryComponents/>
<componentDefinitions/>
<supportedStandards/>
<riskPatterns>
<riskPattern uuid="24bf8682-de85-4f81-9415-f423750a896f" ref="denial-of-service" name="Denial of Service" desc="">
<tags>
<tag tag="Denial of Service"/>
</tags>
<weaknesses>
<weakness ref="CWE-1325" name="Improperly Controlled Sequential Memory Allocation" state="0" impact="100">
<desc>The product manages a group of objects or resources and performs a separate memory allocation for each object, but it does not properly limit the total amount of memory that is consumed by all of the combined objects.</desc>
<test expiryDate="" expiryPeriod="0">
<steps/>
<notes/>
<source filename="" args="" type="Manual" result="Not Tested" enabled="true" timestamp="2022-06-10T19:14:14.805">
<output/>
</source>
<references/>
<customFields/>
</test>
</weakness>
<weakness ref="CWE-404" name="Improper Resource Shutdown or Release" state="0" impact="100">
<desc>The program does not release or incorrectly releases a resource before it is made available for re-use.</desc>
<test expiryDate="" expiryPeriod="0">
<steps/>
<notes/>
<source filename="" args="" type="Manual" result="Not Tested" enabled="true" timestamp="2022-06-10T19:14:14.843">
<output/>
</source>
<references/>
<customFields/>
</test>
</weakness>
<weakness ref="CWE-645" name="Overly Restrictive Account Lockout Mechanism" state="0" impact="100">
<desc>The software contains an account lockout protection mechanism, but the mechanism is too restrictive and can be triggered too easily, which allows attackers to deny service to legitimate users by causing their accounts to be locked out.</desc>
<test expiryDate="" expiryPeriod="0">
<steps/>
<notes/>
<source filename="" args="" type="Manual" result="Not Tested" enabled="true" timestamp="2022-06-10T19:14:14.848">
<output/>
</source>
<references/>
<customFields/>
</test>
</weakness>
<weakness ref="CWE-770" name="Allocation of Resources Without Limits or Throttling" state="0" impact="100">
<desc>The software allocates a reusable resource or group of resources on behalf of an actor without imposing any restrictions on the size or number of resources that can be allocated, in violation of the intended security policy for that actor.</desc>
<test expiryDate="" expiryPeriod="0">
<steps/>
<notes/>
<source filename="" args="" type="Manual" result="Not Tested" enabled="true" timestamp="2022-06-10T19:14:14.853">
<output/>
</source>
<references/>
<customFields/>
</test>
</weakness>
</weaknesses>
<countermeasures/>
<usecases>
<usecase ref="denial-of-service" name="Denial of Service" desc="" library="">
<threats>
<threat ref="capec-125-flooding" name="CAPEC-125 Flooding" state="Expose" source="MANUAL" owner="" library="">
<desc>An adversary consumes the resources of a target by rapidly engaging in a large number of interactions with the target. This type of attack generally exposes a weakness in rate limiting or flow. When successful this attack prevents legitimate users from accessing the service and can cause the target to crash. This attack differs from resource depletion through leaks or allocations in that the latter attacks do not rely on the volume of requests made to the target but instead focus on manipulation of the target's operations. The key factor in a flooding attack is the number of requests the adversary can make in a given period of time. The greater this number, the more likely an attack is to succeed against a given target.</desc>
<riskRating confidentiality="50" integrity="50" availability="100" easeOfExploitation="100"/>
<references/>
<weaknesses>
<weakness ref="CWE-404">
<countermeasures/>
</weakness>
<weakness ref="CWE-770">
<countermeasures/>
</weakness>
</weaknesses>
<countermeasures/>
<customFields/>
</threat>
<threat ref="capec-130-excessive-allocation" name="CAPEC-130 Excessive Allocation" state="Expose" source="MANUAL" owner="" library="">
<desc>An adversary causes the target to allocate excessive resources to servicing the attackers' request, thereby reducing the resources available for legitimate services and degrading or denying services. Usually, this attack focuses on memory allocation, but any finite resource on the target could be attacked, including bandwidth, processing cycles, or other resources. This attack does not attempt to force this allocation through a large number of requests (that would be Resource Depletion through Flooding) but instead uses one or a small number of requests that are carefully formatted to force the target to allocate excessive resources to service this request(s). Often this attack takes advantage of a bug in the target to cause the target to allocate resources vastly beyond what would be needed for a normal request.</desc>
<riskRating confidentiality="50" integrity="50" availability="100" easeOfExploitation="100"/>
<references/>
<weaknesses>
<weakness ref="CWE-1325">
<countermeasures/>
</weakness>
<weakness ref="CWE-404">
<countermeasures/>
</weakness>
<weakness ref="CWE-770">
<countermeasures/>
</weakness>
</weaknesses>
<countermeasures/>
<customFields/>
</threat>
<threat ref="capec-131-resource-leak-exposure" name="CAPEC-131 Resource Leak Exposure" state="Expose" source="MANUAL" owner="" library="">
<desc>An adversary utilizes a resource leak on the target to deplete the quantity of the resource available to service legitimate requests. Resource leaks most often come in the form of memory leaks where memory is allocated but never released after it has served its purpose, however, theoretically, any other resource that can be reserved can be targeted if the target fails to release the reservation when the reserved resource block is no longer needed. In this attack, the adversary determines what activity results in leaked resources and then triggers that activity on the target. Since some leaks may be small, this may require a large number of requests by the adversary. However, this attack differs from a flooding attack in that the rate of requests is generally not significant. This is because the lost resources due to the leak accumulate until the target is reset, usually by restarting it. Thus, a resource-poor adversary who would be unable to flood the target can still utilize this attack. Resource depletion through leak differs from resource depletion through allocation in that, in the former, the adversary may not be able to control the size of each leaked allocation, but instead allows the leak to accumulate until it is large enough to affect the target's performance. When depleting resources through allocation, the allocated resource may eventually be released by the target so the attack relies on making sure that the allocation size itself is prohibitive of normal operations by the target.</desc>
<riskRating confidentiality="50" integrity="50" availability="100" easeOfExploitation="100"/>
<references/>
<weaknesses>
<weakness ref="CWE-404">
<countermeasures/>
</weakness>
</weaknesses>
<countermeasures/>
<customFields/>
</threat>
<threat ref="capec-2-inducing-account-lockout" name="CAPEC-2 Inducing Account Lockout" state="Expose" source="MANUAL" owner="" library="">
<desc>An attacker leverages the security functionality of the system aimed at thwarting potential attacks to launch a denial of service attack against a legitimate system user. Many systems, for instance, implement a password throttling mechanism that locks an account after a certain number of incorrect log in attempts. An attacker can leverage this throttling mechanism to lock a legitimate user out of their own account. The weakness that is being leveraged by an attacker is the very security feature that has been put in place to counteract attacks.</desc>
<riskRating confidentiality="50" integrity="50" availability="100" easeOfExploitation="100"/>
<references/>
<weaknesses>
<weakness ref="CWE-645">
<countermeasures/>
</weakness>
</weaknesses>
<countermeasures/>
<customFields/>
</threat>
<threat ref="capec-227-sustained-client-engagement" name="CAPEC-227 Sustained Client Engagement" state="Expose" source="MANUAL" owner="" library="">
<desc>An adversary attempts to deny legitimate users access to a resource by continually engaging a specific resource in an attempt to keep the resource tied up as long as possible. The adversary's primary goal is not to crash or flood the target, which would alert defenders; rather it is to repeatedly perform actions or abuse algorithmic flaws such that a given resource is tied up and not available to a legitimate user. By carefully crafting requests that keep the resource engaged through what are seemingly benign requests, legitimate users are limited or completely denied access to the resource. The degree to which the attack is successful depends upon the adversary's ability to sustain resource requests over time with a volume that exceeds the normal usage by legitimate users, as well as other mitigating circumstances such as the target's ability to shift load or acquire additional resources to deal with the depletion. This attack differs from a flooding attack as it is not entirely dependent upon large volumes of requests, and it differs from resource leak exposures which tend to exploit the surrounding environment needed for the resource to function. The key factor in a sustainment attack is the repeated requests that take longer to process than usual.</desc>
<riskRating confidentiality="50" integrity="50" availability="100" easeOfExploitation="100"/>
<references/>
<weaknesses/>
<countermeasures/>
<customFields/>
</threat>
</threats>
</usecase>
</usecases>
</riskPattern>
<riskPattern uuid="c17a3979-da93-4bb5-addc-b5f471be26cc" ref="elevation-of-privilege" name="Elevation of Privilege" desc="">
<tags>
<tag tag="Elevation of Privilege"/>
</tags>
<weaknesses>
<weakness ref="CWE-1244" name="Improper Access to Sensitive Information Using Debug and Test Interfaces" state="0" impact="100">
<desc>The product's physical debug and test interface protection does not block untrusted agents, resulting in unauthorized access to and potentially control of sensitive assets.</desc>
<test expiryDate="" expiryPeriod="0">
<steps/>
<notes/>
<source filename="" args="" type="Manual" result="Not Tested" enabled="true" timestamp="2022-06-10T19:14:14.859">
<output/>
</source>
<references/>
<customFields/>
</test>
</weakness>
<weakness ref="CWE-1264" name="Hardware Logic with Insecure De-Synchronization between Control and Data Channels" state="0" impact="100">
<desc>The hardware logic for error handling and security checks can incorrectly forward data before the security check is complete.</desc>
<test expiryDate="" expiryPeriod="0">
<steps/>
<notes/>
<source filename="" args="" type="Manual" result="Not Tested" enabled="true" timestamp="2022-06-10T19:14:14.863">
<output/>
</source>
<references/>
<customFields/>
</test>
</weakness>
<weakness ref="CWE-1311" name="Improper Translation of Security Attributes by Fabric Bridge" state="0" impact="100">
<desc>The bridge incorrectly translates security attributes from either trusted to untrusted or from untrusted to trusted when converting from one fabric protocol to another.</desc>
<test expiryDate="" expiryPeriod="0">
<steps/>
<notes/>
<source filename="" args="" type="Manual" result="Not Tested" enabled="true" timestamp="2022-06-10T19:14:14.868">
<output/>
</source>
<references/>
<customFields/>
</test>
</weakness>
<weakness ref="CWE-1317" name="Missing Security Checks in Fabric Bridge" state="0" impact="100">
<desc>A bridge that is connected to a fabric without security features forwards transactions to the slave without checking the privilege level of the master. Similarly, it does not check the hardware identity of the transaction received from the slave interface of the bridge.</desc>
<test expiryDate="" expiryPeriod="0">
<steps/>
<notes/>
<source filename="" args="" type="Manual" result="Not Tested" enabled="true" timestamp="2022-06-10T19:14:14.872">
<output/>
</source>
<references/>
<customFields/>
</test>
</weakness>
<weakness ref="CWE-20" name="Improper Input Validation" state="0" impact="100">
<desc>The product receives input or data, but it does
not validate or incorrectly validates that the input has the
properties that are required to process the data safely and
correctly.</desc>
<test expiryDate="" expiryPeriod="0">
<steps/>
<notes/>
<source filename="" args="" type="Manual" result="Not Tested" enabled="true" timestamp="2022-06-10T19:14:14.877">
<output/>
</source>
<references/>
<customFields/>
</test>
</weakness>
<weakness ref="CWE-200" name="Exposure of Sensitive Information to an Unauthorized Actor" state="0" impact="100">
<desc>The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.</desc>
<test expiryDate="" expiryPeriod="0">
<steps/>
<notes/>
<source filename="" args="" type="Manual" result="Not Tested" enabled="true" timestamp="2022-06-10T19:14:14.887">
<output/>
</source>
<references/>
<customFields/>
</test>
</weakness>
<weakness ref="CWE-262" name="Not Using Password Aging" state="0" impact="100">
<desc>If no mechanism is in place for managing password aging, users will have no incentive to update passwords in a timely manner.</desc>
<test expiryDate="" expiryPeriod="0">
<steps/>
<notes/>
<source filename="" args="" type="Manual" result="Not Tested" enabled="true" timestamp="2022-06-10T19:14:14.895">
<output/>
</source>
<references/>
<customFields/>
</test>
</weakness>
<weakness ref="CWE-263" name="Password Aging with Long Expiration" state="0" impact="100">
<desc>Allowing password aging to occur unchecked can result in the possibility of diminished password integrity.</desc>
<test expiryDate="" expiryPeriod="0">
<steps/>
<notes/>
<source filename="" args="" type="Manual" result="Not Tested" enabled="true" timestamp="2022-06-10T19:14:14.909">
<output/>
</source>
<references/>
<customFields/>
</test>
</weakness>
<weakness ref="CWE-269" name="Improper Privilege Management" state="0" impact="100">
<desc>The software does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.</desc>
<test expiryDate="" expiryPeriod="0">
<steps/>
<notes/>
<source filename="" args="" type="Manual" result="Not Tested" enabled="true" timestamp="2022-06-10T19:14:14.921">
<output/>
</source>
<references/>
<customFields/>
</test>
</weakness>
<weakness ref="CWE-287" name="Improper Authentication" state="0" impact="100">
<desc>When an actor claims to have a given identity, the software does not prove or insufficiently proves that the claim is correct.</desc>
<test expiryDate="" expiryPeriod="0">
<steps/>
<notes/>
<source filename="" args="" type="Manual" result="Not Tested" enabled="true" timestamp="2022-06-10T19:14:14.926">
<output/>
</source>
<references/>
<customFields/>
</test>
</weakness>
<weakness ref="CWE-290" name="Authentication Bypass by Spoofing" state="0" impact="100">
<desc>This attack-focused weakness is caused by improperly implemented authentication schemes that are subject to spoofing attacks.</desc>
<test expiryDate="" expiryPeriod="0">
<steps/>
<notes/>
<source filename="" args="" type="Manual" result="Not Tested" enabled="true" timestamp="2022-06-10T19:14:14.931">
<output/>
</source>
<references/>
<customFields/>
</test>
</weakness>
<weakness ref="CWE-294" name="Authentication Bypass by Capture-replay" state="0" impact="100">
<desc>A capture-replay flaw exists when the design of the software makes it possible for a malicious user to sniff network traffic and bypass authentication by replaying it to the server in question to the same effect as the original message (or with minor changes).</desc>
<test expiryDate="" expiryPeriod="0">
<steps/>
<notes/>
<source filename="" args="" type="Manual" result="Not Tested" enabled="true" timestamp="2022-06-10T19:14:14.941">
<output/>
</source>
<references/>
<customFields/>
</test>
</weakness>
<weakness ref="CWE-300" name="Channel Accessible by Non-Endpoint" state="0" impact="100">
<desc>The product does not adequately verify the identity of actors at both ends of a communication channel, or does not adequately ensure the integrity of the channel, in a way that allows the channel to be accessed or influenced by an actor that is not an endpoint.</desc>
<test expiryDate="" expiryPeriod="0">
<steps/>
<notes/>
<source filename="" args="" type="Manual" result="Not Tested" enabled="true" timestamp="2022-06-10T19:14:14.952">
<output/>
</source>
<references/>
<customFields/>
</test>
</weakness>
<weakness ref="CWE-302" name="Authentication Bypass by Assumed-Immutable Data" state="0" impact="100">
<desc>The authentication scheme or implementation uses key data elements that are assumed to be immutable, but can be controlled or modified by the attacker.</desc>
<test expiryDate="" expiryPeriod="0">
<steps/>
<notes/>
<source filename="" args="" type="Manual" result="Not Tested" enabled="true" timestamp="2022-06-10T19:14:14.959">
<output/>
</source>
<references/>
<customFields/>
</test>
</weakness>
<weakness ref="CWE-307" name="Improper Restriction of Excessive Authentication Attempts" state="0" impact="100">
<desc>The software does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame, making it more susceptible to brute force attacks.</desc>
<test expiryDate="" expiryPeriod="0">
<steps/>
<notes/>
<source filename="" args="" type="Manual" result="Not Tested" enabled="true" timestamp="2022-06-10T19:14:14.965">
<output/>
</source>
<references/>
<customFields/>
</test>
</weakness>
<weakness ref="CWE-308" name="Use of Single-factor Authentication" state="0" impact="100">
<desc>The use of single-factor authentication can lead to unnecessary risk of compromise when compared with the benefits of a dual-factor authentication scheme.</desc>
<test expiryDate="" expiryPeriod="0">
<steps/>
<notes/>
<source filename="" args="" type="Manual" result="Not Tested" enabled="true" timestamp="2022-06-10T19:14:14.971">
<output/>
</source>
<references/>
<customFields/>
</test>
</weakness>
<weakness ref="CWE-309" name="Use of Password System for Primary Authentication" state="0" impact="100">
<desc>The use of password systems as the primary means of authentication may be subject to several flaws or shortcomings, each reducing the effectiveness of the mechanism.</desc>
<test expiryDate="" expiryPeriod="0">
<steps/>
<notes/>
<source filename="" args="" type="Manual" result="Not Tested" enabled="true" timestamp="2022-06-10T19:14:14.982">
<output/>
</source>
<references/>
<customFields/>
</test>
</weakness>
<weakness ref="CWE-346" name="Origin Validation Error" state="0" impact="100">
<desc>The software does not properly verify that the source of data or communication is valid.</desc>
<test expiryDate="" expiryPeriod="0">
<steps/>
<notes/>
<source filename="" args="" type="Manual" result="Not Tested" enabled="true" timestamp="2022-06-10T19:14:14.988">
<output/>
</source>
<references/>
<customFields/>
</test>
</weakness>
<weakness ref="CWE-384" name="Session Fixation" state="0" impact="100">
<desc>Authenticating a user, or otherwise establishing a new user session, without invalidating any existing session identifier gives an attacker the opportunity to steal authenticated sessions.</desc>
<test expiryDate="" expiryPeriod="0">
<steps/>
<notes/>
<source filename="" args="" type="Manual" result="Not Tested" enabled="true" timestamp="2022-06-10T19:14:14.994">
<output/>
</source>
<references/>
<customFields/>
</test>
</weakness>
<weakness ref="CWE-502" name="Deserialization of Untrusted Data" state="0" impact="100">
<desc>The application deserializes untrusted data without sufficiently verifying that the resulting data will be valid.</desc>
<test expiryDate="" expiryPeriod="0">
<steps/>
<notes/>
<source filename="" args="" type="Manual" result="Not Tested" enabled="true" timestamp="2022-06-10T19:14:15.000">
<output/>
</source>
<references/>
<customFields/>
</test>
</weakness>
<weakness ref="CWE-521" name="Weak Password Requirements" state="0" impact="100">
<desc>The product does not require that users should have strong passwords, which makes it easier for attackers to compromise user accounts.</desc>
<test expiryDate="" expiryPeriod="0">
<steps/>
<notes/>
<source filename="" args="" type="Manual" result="Not Tested" enabled="true" timestamp="2022-06-10T19:14:15.008">
<output/>
</source>
<references/>
<customFields/>
</test>
</weakness>
<weakness ref="CWE-539" name="Use of Persistent Cookies Containing Sensitive Information" state="0" impact="100">
<desc>The web application uses persistent cookies, but the cookies contain sensitive information.</desc>
<test expiryDate="" expiryPeriod="0">
<steps/>
<notes/>
<source filename="" args="" type="Manual" result="Not Tested" enabled="true" timestamp="2022-06-10T19:14:15.015">
<output/>
</source>
<references/>
<customFields/>
</test>
</weakness>
<weakness ref="CWE-593" name="Authentication Bypass: OpenSSL CTX Object Modified after SSL Objects are Created" state="0" impact="100">
<desc>The software modifies the SSL context after connection creation has begun.</desc>
<test expiryDate="" expiryPeriod="0">
<steps/>
<notes/>
<source filename="" args="" type="Manual" result="Not Tested" enabled="true" timestamp="2022-06-10T19:14:15.020">
<output/>
</source>
<references/>
<customFields/>
</test>
</weakness>
<weakness ref="CWE-6" name="J2EE Misconfiguration: Insufficient Session-ID Length" state="0" impact="100">
<desc>The J2EE application is configured to use an insufficient session ID length.</desc>
<test expiryDate="" expiryPeriod="0">
<steps/>
<notes/>
<source filename="" args="" type="Manual" result="Not Tested" enabled="true" timestamp="2022-06-10T19:14:15.025">
<output/>
</source>
<references/>
<customFields/>
</test>
</weakness>
<weakness ref="CWE-602" name="Client-Side Enforcement of Server-Side Security" state="0" impact="100">
<desc>The software is composed of a server that relies on the client to implement a mechanism that is intended to protect the server.</desc>
<test expiryDate="" expiryPeriod="0">
<steps/>
<notes/>
<source filename="" args="" type="Manual" result="Not Tested" enabled="true" timestamp="2022-06-10T19:14:15.032">
<output/>
</source>
<references/>
<customFields/>
</test>
</weakness>
<weakness ref="CWE-642" name="External Control of Critical State Data" state="0" impact="100">
<desc>The software stores security-critical state information about its users, or the software itself, in a location that is accessible to unauthorized actors.</desc>
<test expiryDate="" expiryPeriod="0">
<steps/>
<notes/>
<source filename="" args="" type="Manual" result="Not Tested" enabled="true" timestamp="2022-06-10T19:14:15.042">
<output/>
</source>
<references/>
<customFields/>
</test>
</weakness>
<weakness ref="CWE-654" name="Reliance on a Single Factor in a Security Decision" state="0" impact="100">
<desc>A protection mechanism relies exclusively, or to a large extent, on the evaluation of a single condition or the integrity of a single object or entity in order to make a decision about granting access to restricted resources or functionality.</desc>
<test expiryDate="" expiryPeriod="0">
<steps/>
<notes/>
<source filename="" args="" type="Manual" result="Not Tested" enabled="true" timestamp="2022-06-10T19:14:15.049">
<output/>
</source>
<references/>
<customFields/>
</test>
</weakness>
<weakness ref="CWE-664" name="Improper Control of a Resource Through its Lifetime" state="0" impact="100">
<desc>The software does not maintain or incorrectly maintains control over a resource throughout its lifetime of creation, use, and release.</desc>
<test expiryDate="" expiryPeriod="0">
<steps/>
<notes/>
<source filename="" args="" type="Manual" result="Not Tested" enabled="true" timestamp="2022-06-10T19:14:15.055">
<output/>
</source>
<references/>
<customFields/>
</test>
</weakness>
<weakness ref="CWE-693" name="Protection Mechanism Failure" state="0" impact="100">
<desc>The product does not use or incorrectly uses a protection mechanism that provides sufficient defense against directed attacks against the product.</desc>
<test expiryDate="" expiryPeriod="0">
<steps/>
<notes/>
<source filename="" args="" type="Manual" result="Not Tested" enabled="true" timestamp="2022-06-10T19:14:15.061">
<output/>
</source>
<references/>
<customFields/>
</test>
</weakness>
<weakness ref="CWE-724" name="OWASP Top Ten 2004 Category A3 - Broken Authentication and Session Management" state="0" impact="100">
<desc>Weaknesses in this category are related to the A3 category in the OWASP Top Ten 2004.</desc>
<test expiryDate="" expiryPeriod="0">
<steps/>
<notes/>
<source filename="" args="" type="Manual" result="Not Tested" enabled="true" timestamp="2022-06-10T19:14:15.067">
<output/>
</source>
<references/>
<customFields/>
</test>
</weakness>
<weakness ref="CWE-732" name="Incorrect Permission Assignment for Critical Resource" state="0" impact="100">
<desc>The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.</desc>
<test expiryDate="" expiryPeriod="0">
<steps/>
<notes/>
<source filename="" args="" type="Manual" result="Not Tested" enabled="true" timestamp="2022-06-10T19:14:15.077">
<output/>
</source>
<references/>
<customFields/>
</test>
</weakness>
<weakness ref="CWE-77" name="Improper Neutralization of Special Elements used in a Command ('Command Injection')" state="0" impact="100">
<desc>The software constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.</desc>
<test expiryDate="" expiryPeriod="0">
<steps/>
<notes/>
<source filename="" args="" type="Manual" result="Not Tested" enabled="true" timestamp="2022-06-10T19:14:15.085">
<output/>
</source>
<references/>
<customFields/>
</test>
</weakness>
<weakness ref="CWE-829" name="Inclusion of Functionality from Untrusted Control Sphere" state="0" impact="100">
<desc>The software imports, requires, or includes executable functionality (such as a library) from a source that is outside of the intended control sphere.</desc>
<test expiryDate="" expiryPeriod="0">
<steps/>
<notes/>
<source filename="" args="" type="Manual" result="Not Tested" enabled="true" timestamp="2022-06-10T19:14:15.091">
<output/>
</source>
<references/>
<customFields/>
</test>
</weakness>
<weakness ref="CWE-94" name="Improper Control of Generation of Code ('Code Injection')" state="0" impact="100">
<desc>The software constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.</desc>
<test expiryDate="" expiryPeriod="0">
<steps/>
<notes/>
<source filename="" args="" type="Manual" result="Not Tested" enabled="true" timestamp="2022-06-10T19:14:15.097">
<output/>
</source>
<references/>
<customFields/>
</test>
</weakness>
<weakness ref="CWE-99" name="Improper Control of Resource Identifiers ('Resource Injection')" state="0" impact="100">
<desc>The software receives input from an upstream component, but it does not restrict or incorrectly restricts the input before it is used as an identifier for a resource that may be outside the intended sphere of control.</desc>
<test expiryDate="" expiryPeriod="0">
<steps/>
<notes/>
<source filename="" args="" type="Manual" result="Not Tested" enabled="true" timestamp="2022-06-10T19:14:15.103">
<output/>
</source>
<references/>
<customFields/>
</test>
</weakness>
</weaknesses>
<countermeasures/>
<usecases>
<usecase ref="elevation-of-privilege" name="Elevation of Privilege" desc="" library="">
<threats>
<threat ref="capec-114-authentication-abuse" name="CAPEC-114 Authentication Abuse" state="Expose" source="MANUAL" owner="" library="">
<desc>An attacker obtains unauthorized access to an application, service or device either through knowledge of the inherent weaknesses of an authentication mechanism, or by exploiting a flaw in the authentication scheme's implementation. In such an attack an authentication mechanism is functioning but a carefully controlled sequence of events causes the mechanism to grant access to the attacker. This attack may exploit assumptions made by the target's authentication procedures, such as assumptions regarding trust relationships or assumptions regarding the generation of secret values. This attack differs from Authentication Bypass attacks in that Authentication Abuse allows the attacker to be certified as a valid user through illegitimate means, while Authentication Bypass allows the user to access protected material without ever being certified as an authenticated user. This attack does not rely on prior sessions established by successfully authenticating users, as relied upon for the "Exploitation of Session Variables, Resource IDs and other Trusted Credentials" attack patterns.</desc>
<riskRating confidentiality="50" integrity="50" availability="100" easeOfExploitation="100"/>
<references/>
<weaknesses>
<weakness ref="CWE-1244">
<countermeasures/>
</weakness>
<weakness ref="CWE-287">
<countermeasures/>
</weakness>
</weaknesses>
<countermeasures/>
<customFields/>
</threat>
<threat ref="capec-122-privilege-abuse" name="CAPEC-122 Privilege Abuse" state="Expose" source="MANUAL" owner="" library="">
<desc>An adversary is able to exploit features of the target that should be reserved for privileged users or administrators but are exposed to use by lower or non-privileged accounts. Access to sensitive information and functionality must be controlled to ensure that only authorized users are able to access these resources. If access control mechanisms are absent or misconfigured, a user may be able to access resources that are intended only for higher level users. An adversary may be able to exploit this to utilize a less trusted account to gain information and perform activities reserved for more trusted accounts. This attack differs from privilege escalation and other privilege stealing attacks in that the adversary never actually escalates their privileges but instead is able to use a lesser degree of privilege to access resources that should be (but are not) reserved for higher privilege accounts. Likewise, the adversary does not exploit trust or subvert systems - all control functionality is working as configured but the configuration does not adequately protect sensitive resources at an appropriate level.</desc>
<riskRating confidentiality="50" integrity="50" availability="100" easeOfExploitation="100"/>
<references/>
<weaknesses>
<weakness ref="CWE-1317">
<countermeasures/>
</weakness>
<weakness ref="CWE-269">
<countermeasures/>
</weakness>
<weakness ref="CWE-732">
<countermeasures/>
</weakness>
</weaknesses>
<countermeasures/>
<customFields/>
</threat>
<threat ref="capec-21-exploitation-of-trusted-identifiers" name="CAPEC-21 Exploitation of Trusted Identifiers" state="Expose" source="MANUAL" owner="" library="">
<desc>An adversary guesses, obtains, or "rides" a trusted identifier (e.g. session ID, resource ID, cookie, etc.) to perform authorized actions under the guise of an authenticated user or service. Attacks leveraging trusted identifiers typically result in the adversary laterally moving within the local network, since users are often allowed to authenticate to systems/applications within the network using the same identifier. This allows the adversary to obtain sensitive data, download/install malware on the system, pose as a legitimate user for social engineering purposes, and more. Attacks on trusted identifiers take advantage of the fact that some software accepts user input without verifying its authenticity. Many server-side processes are vulnerable to these attacks because the server-to-server communications have not been analyzed from a security perspective or the processes "trust" other systems because they are behind a firewall. Similarly, servers that use easy-to-guess or spoofable schemes for representing digital identity can also be vulnerable. Such systems frequently use schemes without cryptography and digital signatures (or with broken cryptography). Identifiers may be guessed or obtained due to insufficient randomness, poor protection (passed/stored in the clear), lack of integrity (unsigned), or improper correlation with access control policy enforcement points. Exposed configuration and properties files that contain sensitive data may additionally provide an adversary with the information needed to obtain these identifiers. An adversary may also "ride" an identifier via a malicious link, as is the case in Cross Site Request Forgery (CSRF) attacks. Regardless of the attack vector, successful spoofing and impersonation of trusted credentials can lead to an adversary breaking authentication, authorization, and audit controls with the target system or application.</desc>
<riskRating confidentiality="75" integrity="75" availability="100" easeOfExploitation="100"/>
<references/>
<weaknesses>
<weakness ref="CWE-290">
<countermeasures/>
</weakness>
<weakness ref="CWE-302">
<countermeasures/>
</weakness>
<weakness ref="CWE-346">
<countermeasures/>
</weakness>
<weakness ref="CWE-384">
<countermeasures/>
</weakness>
<weakness ref="CWE-539">
<countermeasures/>
</weakness>
<weakness ref="CWE-6">
<countermeasures/>
</weakness>
<weakness ref="CWE-602">
<countermeasures/>
</weakness>
<weakness ref="CWE-642">
<countermeasures/>
</weakness>
<weakness ref="CWE-664">
<countermeasures/>
</weakness>
</weaknesses>
<countermeasures/>
<customFields/>
</threat>
<threat ref="capec-22-exploiting-trust-in-client" name="CAPEC-22 Exploiting Trust in Client" state="Expose" source="MANUAL" owner="" library="">
<desc>An attack of this type exploits vulnerabilities in client/server communication channel authentication and data integrity. It leverages the implicit trust a server places in the client, or more importantly, that which the server believes is the client. An attacker executes this type of attack by communicating directly with the server where the server believes it is communicating only with a valid client. There are numerous variations of this type of attack.</desc>
<riskRating confidentiality="75" integrity="75" availability="100" easeOfExploitation="100"/>
<references/>
<weaknesses>
<weakness ref="CWE-20">
<countermeasures/>
</weakness>
<weakness ref="CWE-200">
<countermeasures/>
</weakness>
<weakness ref="CWE-287">
<countermeasures/>
</weakness>
<weakness ref="CWE-290">
<countermeasures/>
</weakness>
<weakness ref="CWE-693">
<countermeasures/>
</weakness>
</weaknesses>
<countermeasures/>
<customFields/>
</threat>
<threat ref="capec-233-privilege-escalation" name="CAPEC-233 Privilege Escalation" state="Expose" source="MANUAL" owner="" library="">
<desc>An adversary exploits a weakness enabling them to elevate their privilege and perform an action that they are not supposed to be authorized to perform.</desc>
<riskRating confidentiality="50" integrity="50" availability="100" easeOfExploitation="100"/>
<references>
<reference name="OWASP Web Security Testing Guide[The Open Web Application Security Project (OWASP)]" url="https://owasp.org/www-project-web-security-testing-guide/latest/4-Web_Application_Security_Testing/05-Authorization_Testing/03-Testing_for_Privilege_Escalation.html"/>
</references>
<weaknesses>
<weakness ref="CWE-1264">
<countermeasures/>
</weakness>
<weakness ref="CWE-1311">
<countermeasures/>
</weakness>
<weakness ref="CWE-269">
<countermeasures/>
</weakness>
</weaknesses>
<countermeasures/>
<customFields/>
</threat>
<threat ref="capec-240-resource-injection" name="CAPEC-240 Resource Injection" state="Expose" source="MANUAL" owner="" library="">
<desc>An adversary exploits weaknesses in input validation by manipulating resource identifiers enabling the unintended modification or specification of a resource.</desc>
<riskRating confidentiality="75" integrity="75" availability="100" easeOfExploitation="100"/>
<references/>
<weaknesses>
<weakness ref="CWE-99">
<countermeasures/>
</weakness>
</weaknesses>
<countermeasures/>
<customFields/>
</threat>
<threat ref="capec-242-code-injection" name="CAPEC-242 Code Injection" state="Expose" source="MANUAL" owner="" library="">
<desc>An adversary exploits a weakness in input validation on the target to inject new code into that which is currently executing. This differs from code inclusion in that code inclusion involves the addition or replacement of a reference to a code file, which is subsequently loaded by the target and used as part of the code of some application.</desc>
<riskRating confidentiality="75" integrity="75" availability="100" easeOfExploitation="100"/>
<references>
<reference name="OWASP Web Security Testing Guide[The Open Web Application Security Project (OWASP)]" url="https://owasp.org/www-project-web-security-testing-guide/latest/4-Web_Application_Security_Testing/07-Input_Validation_Testing/11-Testing_for_Code_Injection.html"/>
</references>
<weaknesses>
<weakness ref="CWE-94">
<countermeasures/>
</weakness>
</weaknesses>
<countermeasures/>
<customFields/>
</threat>
<threat ref="capec-248-command-injection" name="CAPEC-248 Command Injection" state="Expose" source="MANUAL" owner="" library="">
<desc>An adversary looking to execute a command of their choosing injects new items into an existing command, thus modifying its interpretation away from what was intended. Commands in this context are often standalone strings that are interpreted by a downstream component and cause specific responses. This type of attack is possible when untrusted values are used to build these command strings. Weaknesses in input validation or command construction can enable the attack and lead to successful exploitation.</desc>
<riskRating confidentiality="75" integrity="75" availability="100" easeOfExploitation="100"/>
<references>
<reference name="OWASP Web Security Testing Guide[The Open Web Application Security Project (OWASP)]" url="https://owasp.org/www-project-web-security-testing-guide/latest/4-Web_Application_Security_Testing/07-Input_Validation_Testing/12-Testing_for_Command_Injection.html"/>
</references>
<weaknesses>
<weakness ref="CWE-77">
<countermeasures/>
</weakness>
</weaknesses>
<countermeasures/>
<customFields/>
</threat>
<threat ref="capec-549-local-execution-of-code" name="CAPEC-549 Local Execution of Code" state="Expose" source="MANUAL" owner="" library="">
<desc>An adversary installs and executes malicious code on the target system in an effort to achieve a negative technical impact. Examples include rootkits, ransomware, spyware, adware, and others.</desc>
<riskRating confidentiality="75" integrity="75" availability="100" easeOfExploitation="100"/>
<references/>
<weaknesses>
<weakness ref="CWE-829">
<countermeasures/>
</weakness>
</weaknesses>
<countermeasures/>
<customFields/>
</threat>
<threat ref="capec-565-password-spraying" name="CAPEC-565 Password Spraying" state="Expose" source="MANUAL" owner="" library="">
<desc>In a Password Spraying attack, an adversary tries a small list (e.g. 3-5) of common or expected passwords, often matching the target's complexity policy, against a known list of user accounts to gain valid credentials. The adversary tries a particular password for each user account, before moving onto the next password in the list. This approach assists the adversary in remaining undetected by avoiding rapid or frequent account lockouts. The adversary may then reattempt the process with additional passwords, once enough time has passed to prevent inducing a lockout. Password Spraying attacks often target management services over commonly used ports such as SSH, FTP, Telnet, LDAP, Kerberos, MySQL, and more. Additional targets include Single Sign-On (SSO) or cloud-based applications/services that utilize federated authentication protocols, and externally facing applications. Successful execution of Password Spraying attacks usually leads to lateral movement within the target, which allows the adversary to impersonate the victim or execute any action that the victim is authorized to perform. If the password chosen by the user is commonly used or easily guessed, this attack will be successful (in the absence of other mitigations). This is a specific instance of the password brute forcing attack pattern. Password Spraying Attacks are similar to Dictionary-based Password Attacks (CAPEC-16) in that they both leverage precompiled lists (i.e. dictionaries) of username/password combinations to try against a system/application. The primary difference is that Password Spraying Attacks leverage a known list of user accounts and only try one password for each account before moving onto the next password. In contrast, Dictionary-based Password Attacks leverage unknown username/password combinations and are often executed offline against files containing hashed credentials, where inducing an account lockout is not a concern. Password Spraying Attacks are also similar to Credential Stuffing attacks (CAPEC-600), since both utilize known user accounts and often attack the same targets. Credential Stuffing attacks, however, leverage known username/password combinations, whereas Password Spraying attacks have no insight into known username/password pairs. If a Password Spraying attack succeeds, it may additionally lead to Credential Stuffing attacks on different targets.</desc>
<riskRating confidentiality="75" integrity="75" availability="100" easeOfExploitation="100"/>
<references>
<reference name="A notorious Iranian hacking crew is targeting industrial control systems[Ars Technica]" url="https://arstechnica.com/information-technology/2019/11/a-notorious-iranian-hacking-crew-is-targeting-industrial-control-systems/"/>
<reference name="ACSC Releases Advisory on Password Spraying Attacks[Cybersecurity and Infrastructure Security Agency (CISA)]" url="https://www.us-cert.gov/ncas/current-activity/2019/08/08/acsc-releases-advisory-password-spraying-attacks"/>
<reference name="Alert (TA18-086A): Brute Force Attacks Conducted by Cyber Actors[Cybersecurity and Infrastructure Security Agency (CISA)]" url="https://www.us-cert.gov/ncas/alerts/TA18-086A"/>
</references>
<weaknesses>
<weakness ref="CWE-262">
<countermeasures/>
</weakness>
<weakness ref="CWE-263">
<countermeasures/>
</weakness>
<weakness ref="CWE-307">
<countermeasures/>
</weakness>
<weakness ref="CWE-308">
<countermeasures/>
</weakness>
<weakness ref="CWE-309">
<countermeasures/>
</weakness>
<weakness ref="CWE-521">
<countermeasures/>
</weakness>
<weakness ref="CWE-654">
<countermeasures/>
</weakness>
</weaknesses>
<countermeasures/>
<customFields/>
</threat>
<threat ref="capec-586-object-injection" name="CAPEC-586 Object Injection" state="Expose" source="MANUAL" owner="" library="">
<desc>An adversary attempts to exploit an application by injecting additional, malicious content during its processing of serialized objects. Developers leverage serialization in order to convert data or state into a static, binary format for saving to disk or transferring over a network. These objects are then deserialized when needed to recover the data/state. By injecting a malformed object into a vulnerable application, an adversary can potentially compromise the application by manipulating the deserialization process. This can result in a number of unwanted outcomes, including remote code execution.</desc>
<riskRating confidentiality="75" integrity="75" availability="100" easeOfExploitation="100"/>
<references/>
<weaknesses>
<weakness ref="CWE-502">
<countermeasures/>
</weakness>
</weaknesses>
<countermeasures/>
<customFields/>
</threat>
<threat ref="capec-94-man-in-the-middle-attack" name="CAPEC-94 Man in the Middle Attack" state="Expose" source="MANUAL" owner="" library="">
<desc>This type of attack targets the communication between two components (typically client and server). The attacker places themselves in the communication channel between the two components. Whenever one component attempts to communicate with the other (data flow, authentication challenges, etc.), the data first goes to the attacker, who has the opportunity to observe or alter it, and it is then passed on to the other component as if it was never observed. This interposition is transparent, leaving the two compromised components unaware of the potential corruption or leakage of their communications. The potential for Man-in-the-Middle attacks yields an implicit lack of trust in communication or identity between two components. MITM attacks differ from sniffing attacks since they often modify the communications prior to delivering them to the intended recipient. These attacks also differ from interception attacks since they may forward the sender's original unmodified data, after copying it, instead of keeping it for themselves.</desc>
<riskRating confidentiality="100" integrity="100" availability="100" easeOfExploitation="100"/>
<references/>
<weaknesses>
<weakness ref="CWE-287">
<countermeasures/>
</weakness>
<weakness ref="CWE-290">
<countermeasures/>
</weakness>
<weakness ref="CWE-294">
<countermeasures/>
</weakness>
<weakness ref="CWE-300">
<countermeasures/>
</weakness>
<weakness ref="CWE-593">
<countermeasures/>
</weakness>
<weakness ref="CWE-724">
<countermeasures/>
</weakness>
</weaknesses>
<countermeasures/>
<customFields/>
</threat>
</threats>
</usecase>
</usecases>
</riskPattern>
<riskPattern uuid="a3f6db56-dcc9-4cfa-b6ee-4e57ecbbeead" ref="information-disclosure" name="Information Disclosure" desc="">
<tags>
<tag tag="Information Disclosure"/>
</tags>
<weaknesses>
<weakness ref="CWE-1242" name="Inclusion of Undocumented Features or Chicken Bits" state="0" impact="100">
<desc>The device includes chicken bits or undocumented features that can create entry points for unauthorized actors.</desc>
<test expiryDate="" expiryPeriod="0">
<steps/>
<notes/>
<source filename="" args="" type="Manual" result="Not Tested" enabled="true" timestamp="2022-06-10T19:14:15.111">
<output/>
</source>
<references/>
<customFields/>
</test>
</weakness>
<weakness ref="CWE-1243" name="Sensitive Non-Volatile Information Not Protected During Debug" state="0" impact="100">
<desc>Access to security-sensitive information stored in fuses is not limited during debug.</desc>
<test expiryDate="" expiryPeriod="0">
<steps/>
<notes/>
<source filename="" args="" type="Manual" result="Not Tested" enabled="true" timestamp="2022-06-10T19:14:15.116">
<output/>
</source>
<references/>
<customFields/>
</test>
</weakness>
<weakness ref="CWE-1281" name="Sequence of Processor Instructions Leads to Unexpected Behavior (Halt and Catch Fire)" state="0" impact="100">
<desc>Specific combinations of processor instructions lead to undesirable behavior such as locking the processor until a hard reset is performed.</desc>
<test expiryDate="" expiryPeriod="0">
<steps/>
<notes/>
<source filename="" args="" type="Manual" result="Not Tested" enabled="true" timestamp="2022-06-10T19:14:15.121">
<output/>
</source>
<references/>
<customFields/>
</test>
</weakness>
<weakness ref="CWE-200" name="Exposure of Sensitive Information to an Unauthorized Actor" state="0" impact="100">
<desc>The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.</desc>
<test expiryDate="" expiryPeriod="0">
<steps/>
<notes/>
<source filename="" args="" type="Manual" result="Not Tested" enabled="true" timestamp="2022-06-10T19:14:15.126">
<output/>
</source>
<references/>
<customFields/>
</test>
</weakness>
<weakness ref="CWE-319" name="Cleartext Transmission of Sensitive Information" state="0" impact="100">
<desc>The software transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.</desc>
<test expiryDate="" expiryPeriod="0">
<steps/>
<notes/>
<source filename="" args="" type="Manual" result="Not Tested" enabled="true" timestamp="2022-06-10T19:14:15.132">
<output/>
</source>
<references/>
<customFields/>
</test>
</weakness>
<weakness ref="CWE-424" name="Improper Protection of Alternate Path" state="0" impact="100">
<desc>The product does not sufficiently protect all possible paths that a user can take to access restricted functionality or resources.</desc>
<test expiryDate="" expiryPeriod="0">
<steps/>
<notes/>
<source filename="" args="" type="Manual" result="Not Tested" enabled="true" timestamp="2022-06-10T19:14:15.138">
<output/>
</source>
<references/>
<customFields/>
</test>
</weakness>
</weaknesses>
<countermeasures/>
<usecases>
<usecase ref="information-disclosure" name="Information Disclosure" desc="" library="">
<threats>
<threat ref="capec-116-excavation" name="CAPEC-116 Excavation" state="Expose" source="MANUAL" owner="" library="">
<desc>An adversary actively probes the target in a manner that is designed to solicit information that could be leveraged for malicious purposes. This is achieved by exploring the target via ordinary interactions for the purpose of gathering intelligence about the target, or by sending data that is syntactically invalid or non-standard in an attempt to produce a response that contains the desired data. As a result of these interactions, the adversary is able to obtain information from the target that aids the attacker in making inferences about its security, configuration, or potential vulnerabilities. Exemplar exchanges with the target may trigger unhandled exceptions or verbose error messages that reveal information like stack traces, configuration information, path information, or database design. This type of attack also includes the manipulation of query strings in a URI to produce invalid SQL queries, or trying alternative path values in the hope that the server will return useful information.</desc>
<riskRating confidentiality="50" integrity="50" availability="100" easeOfExploitation="100"/>
<references/>
<weaknesses>
<weakness ref="CWE-1243">
<countermeasures/>
</weakness>
<weakness ref="CWE-200">
<countermeasures/>
</weakness>
</weaknesses>
<countermeasures/>
<customFields/>
</threat>
<threat ref="capec-117-interception" name="CAPEC-117 Interception" state="Expose" source="MANUAL" owner="" library="">
<desc>An adversary monitors data streams to or from the target for information gathering purposes. This attack may be undertaken to solely gather sensitive information or to support a further attack against the target. This attack pattern can involve sniffing network traffic as well as other types of data streams (e.g. radio). The adversary can attempt to initiate the establishment of a data stream or passively observe the communications as they unfold. In all variants of this attack, the adversary is not the intended recipient of the data stream. In contrast to other means of gathering information (e.g., targeting data leaks), the adversary must actively position themselves so as to observe explicit data channels (e.g. network traffic) and read the content. However, this attack differs from a Man-In-the-Middle (MITM) attack, as the adversary does not alter the content of the communications nor forward data to the intended recipient.</desc>
<riskRating confidentiality="50" integrity="50" availability="100" easeOfExploitation="100"/>
<references/>
<weaknesses>
<weakness ref="CWE-319">
<countermeasures/>
</weakness>
</weaknesses>
<countermeasures/>
<customFields/>
</threat>
<threat ref="capec-169-footprinting" name="CAPEC-169 Footprinting" state="Expose" source="MANUAL" owner="" library="">
<desc>An adversary engages in probing and exploration activities to identify constituents and properties of the target. Footprinting is a general term to describe a variety of information gathering techniques, often used by attackers in preparation for some attack. It consists of using tools to learn as much as possible about the composition, configuration, and security mechanisms of the targeted application, system or network. Information that might be collected during a footprinting effort could include open ports, applications and their versions, network topology, and similar information. Although similar to fingerprinting, footprinting aims to get a more holistic view of a system or network, whereas fingerprinting is more targeted to a specific application or operating system. While footprinting is not intended to be damaging (although certain activities, such as network scans, can sometimes cause disruptions to vulnerable applications inadvertently) it may often pave the way for more damaging attacks.</desc>
<riskRating confidentiality="25" integrity="25" availability="100" easeOfExploitation="100"/>
<references>
<reference name="Footprint: What Is And How Do You Erase Them" url="http://www.infosecwriters.com/text_resources/pdf/Footprinting.pdf"/>
<reference name="Footprinting And The Basics Of Hacking" url="http://web.textfiles.com/hacking/footprinting.txt"/>
</references>
<weaknesses>
<weakness ref="CWE-200">
<countermeasures/>
</weakness>
</weaknesses>
<countermeasures/>
<customFields/>
</threat>
<threat ref="capec-212-functionality-misuse" name="CAPEC-212 Functionality Misuse" state="Expose" source="MANUAL" owner="" library="">
<desc>An adversary leverages a legitimate capability of an application in such a way as to achieve a negative technical impact. The system functionality is not altered or modified but used in a way that was not intended. This is often accomplished through the overuse of a specific functionality or by leveraging functionality with design flaws that enable the adversary to gain access to unauthorized, sensitive data.</desc>
<riskRating confidentiality="50" integrity="50" availability="100" easeOfExploitation="100"/>
<references/>
<weaknesses>
<weakness ref="CWE-1242">
<countermeasures/>
</weakness>
<weakness ref="CWE-1281">
<countermeasures/>
</weakness>
</weaknesses>
<countermeasures/>
<customFields/>
</threat>
<threat ref="capec-216-communication-channel-manipulation" name="CAPEC-216 Communication Channel Manipulation" state="Expose" source="MANUAL" owner="" library="">
<desc>An adversary manipulates a setting or parameter on a communications channel in order to compromise its security. This can result in information exposure, insertion/removal of information from the communications stream, and/or potentially system compromise.</desc>
<riskRating confidentiality="50" integrity="50" availability="100" easeOfExploitation="100"/>
<references/>
<weaknesses/>
<countermeasures/>
<customFields/>
</threat>
<threat ref="capec-224-fingerprinting" name="CAPEC-224 Fingerprinting" state="Expose" source="MANUAL" owner="" library="">
<desc>An adversary compares output from a target system to known indicators that uniquely identify specific details about the target. Most commonly, fingerprinting is done to determine operating system and application versions. Fingerprinting can be done passively as well as actively. Fingerprinting by itself is not usually detrimental to the target. However, the information gathered through fingerprinting often enables an adversary to discover existing weaknesses in the target.</desc>
<riskRating confidentiality="25" integrity="25" availability="100" easeOfExploitation="100"/>
<references/>
<weaknesses>
<weakness ref="CWE-200">
<countermeasures/>
</weakness>
</weaknesses>
<countermeasures/>
<customFields/>
</threat>
<threat ref="capec-554-functionality-bypass" name="CAPEC-554 Functionality Bypass" state="Expose" source="MANUAL" owner="" library="">
<desc>An adversary attacks a system by bypassing some or all functionality intended to protect it. Often, a system user will think that protection is in place, but the functionality behind those protections has been disabled by the adversary.</desc>
<riskRating confidentiality="75" integrity="75" availability="100" easeOfExploitation="100"/>
<references/>
<weaknesses>
<weakness ref="CWE-424">
<countermeasures/>
</weakness>
</weaknesses>
<countermeasures/>
<customFields/>
</threat>
</threats>
</usecase>
</usecases>
</riskPattern>
<riskPattern uuid="7963e5ee-f3aa-411a-b884-734706416b35" ref="repudiation" name="Repudiation" desc="">
<tags/>
<weaknesses>
<weakness ref="CWE-117" name="Improper Output Neutralization for Logs" state="0" impact="100">
<desc>The software does not neutralize or incorrectly neutralizes output that is written to logs.</desc>
<test expiryDate="" expiryPeriod="0">
<steps/>
<notes/>
<source filename="" args="" type="Manual" result="Not Tested" enabled="true" timestamp="2022-06-10T19:14:15.145">
<output/>
</source>
<references/>
<customFields/>
</test>
</weakness>
</weaknesses>