[Probe target application] The adversary first probes the target application to determine important information about the target. This information could include types software used, software versions, what user input the application consumes, and so on. Most importantly, the adversary tries to determine what environment variables might be used by the underlying software, or even the application itself.
[Find user-controlled environment variables] Using the information found by probing the application, the adversary attempts to manipulate any user-controlled environment variables they have found are being used by the application, or suspect are being used by the application, and observe the effects of these changes. If the adversary notices any significant changes to the application, they will know that a certain environment variable is important to the application behavior and indicates a possible attack vector.
[Manipulate user-controlled environment variables] The adversary manipulates the found environment variable(s) to abuse the normal flow of processes or to gain access to privileged resources.
Weakness Name | |
---|---|
Missing Support for Integrity Check The product uses a transmission protocol that does not include a mechanism for verifying the integrity of the data during transmission, such as a checksum. |
|
Improper Authorization The product does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action. |
|
Authentication Bypass by Assumed-Immutable Data The authentication scheme or implementation uses key data elements that are assumed to be immutable, but can be controlled or modified by the attacker. |
|
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component. |
|
External Control of System or Configuration Setting One or more system settings or configuration elements can be externally controlled by a user. |
|
External Control of File Name or Path The product allows user input to control or influence paths or file names that are used in filesystem operations. |
|
Improper Input Validation The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly. |
|
Exposure of Sensitive Information to an Unauthorized Actor The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information. |
Name | Organization | Date | Date Release |
---|---|---|---|
CAPEC Content Team | The MITRE Corporation |
Name | Organization | Date | Comment |
---|---|---|---|
CAPEC Content Team | The MITRE Corporation | Updated Related_Attack_Patterns | |
CAPEC Content Team | The MITRE Corporation | Updated Attacker_Skills_or_Knowledge_Required, Examples-Instances, References | |
CAPEC Content Team | The MITRE Corporation | Updated Example_Instances | |
CAPEC Content Team | The MITRE Corporation | Updated Consequences, Mitigations, Taxonomy_Mappings | |
CAPEC Content Team | The MITRE Corporation | Updated Taxonomy_Mappings | |
CAPEC Content Team | The MITRE Corporation | Updated Taxonomy_Mappings | |
CAPEC Content Team | The MITRE Corporation | Updated Description, Example_Instances, Execution_Flow, Prerequisites |