CAPEC-96

Block Access to Libraries
Medium
Medium
Draft
2014-06-23
00h00 +00:00
2021-06-24
00h00 +00:00
CAPEC Mitre.org
Alerte pour un CAPEC
Stay informed of any changes for a specific CAPEC.
Notifications manage

Descriptions CAPEC

An application typically makes calls to functions that are a part of libraries external to the application. These libraries may be part of the operating system or they may be third party libraries. It is possible that the application does not handle situations properly where access to these libraries has been blocked. Depending on the error handling within the application, blocked access to libraries may leave the system in an insecure state that could be leveraged by an attacker.

Informations CAPEC

Execution Flow

1) Explore

Determine what external libraries the application accesses.

2) Experiment

Block access to the external libraries accessed by the application.

3) Experiment

Monitor the behavior of the system to see if it goes into an insecure/inconsistent state.

4) Experiment

If the system does go into an insecure/inconsistent state, leverage that to obtain information about the system functionality or data, elevate access control, etc. The rest of this attack will depend on the context and the desired goal.

Prerequisites

An application requires access to external libraries.
An attacker has the privileges to block application access to external libraries.

Skills Required

Knowledge of how to block access to libraries, as well as knowledge of how to leverage the resulting state of the application based on the failed call.

Mitigations

Ensure that application handles situations where access to APIs in external libraries is not available securely. If the application cannot continue its execution safely it should fail in a consistent and secure fashion.

Related Weaknesses

CWE-ID Weakness Name

CWE-589

 Call to Non-ubiquitous API
The product uses an API function that does not exist on all versions of the target platform. This could cause portability problems or inconsistencies that allow denial of service or other consequences.

Submission

Name Organization Date Date release
CAPEC Content Team The MITRE Corporation 2014-06-23 +00:00

Modifications

Name Organization Date Comment
CAPEC Content Team The MITRE Corporation 2017-01-09 +00:00 Updated Related_Attack_Patterns
CAPEC Content Team The MITRE Corporation 2018-07-31 +00:00 Updated Attacker_Skills_or_Knowledge_Required
CAPEC Content Team The MITRE Corporation 2019-09-30 +00:00 Updated Related_Attack_Patterns
CAPEC Content Team The MITRE Corporation 2021-06-24 +00:00 Updated Related_Weaknesses
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.