CAPEC-150

Collect Data from Common Resource Locations
Moyen
Draft
2014-06-23
00h00 +00:00
2023-01-24
00h00 +00:00
Alerte pour un CAPEC
Restez informé de toutes modifications pour un CAPEC spécifique.
Gestion des notifications

Descriptions du CAPEC

An adversary exploits well-known locations for resources for the purposes of undermining the security of the target. In many, if not most systems, files and resources are organized in a default tree structure. This can be useful for adversaries because they often know where to look for resources or files that are necessary for attacks. Even when the precise location of a targeted resource may not be known, naming conventions may indicate a small area of the target machine's file tree where the resources are typically located. For example, configuration files are normally stored in the /etc director on Unix systems. Adversaries can take advantage of this to commit other types of attacks.

Informations du CAPEC

Conditions préalables

The targeted applications must either expect files to be located at a specific location or, if the location of the files can be configured by the user, the user either failed to move the files from the default location or placed them in a conventional location for files of the given type.

Ressources nécessaires

None: No specialized resources are required to execute this type of attack. In some cases, the attacker need not even have direct access to the locations on the target computer where the targeted resources reside.

Faiblesses connexes

CWE-ID Nom de la faiblesse

CWE-552

Files or Directories Accessible to External Parties
The product makes files or directories accessible to unauthorized actors, even though they should not be.

CWE-1239

Improper Zeroization of Hardware Register
The hardware product does not properly clear sensitive information from built-in registers when the user of the hardware block changes.

CWE-1258

Exposure of Sensitive System Information Due to Uncleared Debug Information
The hardware does not fully clear security-sensitive values, such as keys and intermediate values in cryptographic operations, when debug mode is entered.

CWE-1266

Improper Scrubbing of Sensitive Data from Decommissioned Device
The product does not properly provide a capability for the product administrator to remove sensitive data at the time the product is decommissioned. A scrubbing capability could be missing, insufficient, or incorrect.

CWE-1272

Sensitive Information Uncleared Before Debug/Power State Transition
The product performs a power or debug state transition, but it does not clear sensitive information that should no longer be accessible due to changes to information access restrictions.

CWE-1323

Improper Management of Sensitive Trace Data
Trace data collected from several sources on the System-on-Chip (SoC) is stored in unprotected locations or transported to untrusted agents.

CWE-1330

Remanent Data Readable after Memory Erase
Confidential information stored in memory circuits is readable or recoverable after being cleared or erased.

Soumission

Nom Organisation Date Date de publication
CAPEC Content Team The MITRE Corporation 2014-06-23 +00:00

Modifications

Nom Organisation Date Commentaire
CAPEC Content Team The MITRE Corporation 2015-11-09 +00:00 Updated Description Summary
CAPEC Content Team The MITRE Corporation 2015-12-07 +00:00 Updated Description Summary
CAPEC Content Team The MITRE Corporation 2017-08-04 +00:00 Updated Resources_Required
CAPEC Content Team The MITRE Corporation 2019-04-04 +00:00 Updated Related_Weaknesses
CAPEC Content Team The MITRE Corporation 2020-07-30 +00:00 Updated Related_Weaknesses, Taxonomy_Mappings
CAPEC Content Team The MITRE Corporation 2020-12-17 +00:00 Updated Related_Weaknesses
CAPEC Content Team The MITRE Corporation 2021-06-24 +00:00 Updated Example_Instances, Related_Attack_Patterns, Taxonomy_Mappings
CAPEC Content Team The MITRE Corporation 2022-09-29 +00:00 Updated Taxonomy_Mappings
CAPEC Content Team The MITRE Corporation 2023-01-24 +00:00 Updated Related_Weaknesses