CAPEC-268
Alerte pour un CAPEC
Restez informé de toutes modifications pour un CAPEC spécifique.
Descriptions du CAPEC
The attacker injects, manipulates, deletes, or forges malicious log entries into the log file, in an attempt to mislead an audit of the log file or cover tracks of an attack. Due to either insufficient access controls of the log files or the logging mechanism, the attacker is able to perform such actions.
Informations du CAPEC
Conditions préalables
The target host is logging the action and data of the user.The target host insufficiently protects access to the logs or logging mechanisms.
Ressources nécessaires
The attacker must understand how the logging mechanism works.
Optionally, the attacker must know the location and the format of individual entries of the log files.
Faiblesses connexes
| Nom de la faiblesse | |
|---|---|
CWE-117 |
Improper Output Neutralization for Logs The product constructs a log message from external input, but it does not neutralize or incorrectly neutralizes special elements when the message is written to a log file. |
Soumission
| Nom | Organisation | Date | Date de publication |
|---|---|---|---|
| CAPEC Content Team | The MITRE Corporation |
Modifications
| Nom | Organisation | Date | Commentaire |
|---|---|---|---|
| CAPEC Content Team | The MITRE Corporation | Updated Related_Attack_Patterns | |
| CAPEC Content Team | The MITRE Corporation | Updated Related_Weaknesses | |
| CAPEC Content Team | The MITRE Corporation | Updated Related_Attack_Patterns | |
| CAPEC Content Team | The MITRE Corporation | Updated Taxonomy_Mappings | |
| CAPEC Content Team | The MITRE Corporation | Updated Related_Attack_Patterns, Taxonomy_Mappings |
