CAPEC-439
Manipulation During Distribution
Draft
2014-06-23
00h00 +00:00
00h00 +00:00
2021-06-24
00h00 +00:00
00h00 +00:00
Melding voor een CAPEC
Blijf op de hoogte van wijzigingen voor een specifieke CAPEC.
Beschrijvingen CAPEC
An attacker undermines the integrity of a product, software, or technology at some stage of the distribution channel. The core threat of modification or manipulation during distribution arise from the many stages of distribution, as a product may traverse multiple suppliers and integrators as the final asset is delivered. Components and services provided from a manufacturer to a supplier may be tampered with during integration or packaging.
Informatie CAPEC
Gerelateerde zwakheden
| Zwakheidsnaam | |
|---|---|
CWE-1269 |
Product Released in Non-Release Configuration The product released to market is released in pre-production or manufacturing configuration. |
Referenties
REF-379
Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations (2nd Draft)Jon Boyens, Angela Smith, Nadya Bartol, Kris Winkler, Alex Holbrook, Matthew Fallon.
https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-161r1-draft2.pdf
REF-384
The Software Supply Chain Integrity Framework Defining Risks and Responsibilities for Securing Software in the Global Supply ChainSAFECode.
REF-382
Piloting Supply Chain Risk Management Practices for Federal Information SystemsMarianne Swanson, Nadya Bartol, Rama Moorthy.
Indiening
| Naam | Organisatie | Datum | Releasedatum |
|---|---|---|---|
| CAPEC Content Team | The MITRE Corporation |
Wijzigingen
| Naam | Organisatie | Datum | Opmerking |
|---|---|---|---|
| CAPEC Content Team | The MITRE Corporation | Updated Taxonomy_Mappings | |
| CAPEC Content Team | The MITRE Corporation | Updated Related_Weaknesses, Taxonomy_Mappings | |
| CAPEC Content Team | The MITRE Corporation | Updated Taxonomy_Mappings |
