Nom de la faiblesse | |
---|---|
CWE-284 |
Improper Access Control The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor. |
CWE-1266 |
Improper Scrubbing of Sensitive Data from Decommissioned Device The product does not properly provide a capability for the product administrator to remove sensitive data at the time the product is decommissioned. A scrubbing capability could be missing, insufficient, or incorrect. |
CWE-1272 |
Sensitive Information Uncleared Before Debug/Power State Transition The product performs a power or debug state transition, but it does not clear sensitive information that should no longer be accessible due to changes to information access restrictions. |
Nom | Organisation | Date | Date de publication |
---|---|---|---|
CAPEC Content Team | The MITRE Corporation |
Nom | Organisation | Date | Commentaire |
---|---|---|---|
CAPEC Content Team | The MITRE Corporation | Updated Related_Attack_Patterns | |
CAPEC Content Team | The MITRE Corporation | Updated Attack_Motivation-Consequences, Attack_Prerequisites, Attacker_Skills_or_Knowledge_Required, Description Summary, References, Solutions_and_Mitigations, Typical_Likelihood_of_Exploit, Typical_Severity | |
CAPEC Content Team | The MITRE Corporation | Updated Related_Weaknesses | |
CAPEC Content Team | The MITRE Corporation | Updated Related_Weaknesses | |
CAPEC Content Team | The MITRE Corporation | Updated @Name |