CAPEC-439
Manipulation During Distribution
Draft
2014-06-23
00h00 +00:00
00h00 +00:00
2021-06-24
00h00 +00:00
00h00 +00:00
Avviso per un CAPEC specifico
Rimani informato su qualsiasi modifica relativa a un CAPEC specifico.
Descrizioni CAPEC
An attacker undermines the integrity of a product, software, or technology at some stage of the distribution channel. The core threat of modification or manipulation during distribution arise from the many stages of distribution, as a product may traverse multiple suppliers and integrators as the final asset is delivered. Components and services provided from a manufacturer to a supplier may be tampered with during integration or packaging.
Informazioni CAPEC
Vulnerabilità correlate
| Nome della vulnerabilità | |
|---|---|
CWE-1269 |
Product Released in Non-Release Configuration The product released to market is released in pre-production or manufacturing configuration. |
Riferimenti
REF-379
Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations (2nd Draft)Jon Boyens, Angela Smith, Nadya Bartol, Kris Winkler, Alex Holbrook, Matthew Fallon.
https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-161r1-draft2.pdf
REF-384
The Software Supply Chain Integrity Framework Defining Risks and Responsibilities for Securing Software in the Global Supply ChainSAFECode.
REF-382
Piloting Supply Chain Risk Management Practices for Federal Information SystemsMarianne Swanson, Nadya Bartol, Rama Moorthy.
Invio
| Nome | Organizzazione | Data | Data di rilascio |
|---|---|---|---|
| CAPEC Content Team | The MITRE Corporation |
Modifiche
| Nome | Organizzazione | Data | Commento |
|---|---|---|---|
| CAPEC Content Team | The MITRE Corporation | Updated Taxonomy_Mappings | |
| CAPEC Content Team | The MITRE Corporation | Updated Related_Weaknesses, Taxonomy_Mappings | |
| CAPEC Content Team | The MITRE Corporation | Updated Taxonomy_Mappings |
