CAPEC-154
Resource Location Spoofing
Średni
Średni
Stable
2014-06-23
00h00 +00:00
00h00 +00:00
2023-01-24
00h00 +00:00
00h00 +00:00
Alert dla konkretnego CAPEC
Bądź na bieżąco z wszelkimi zmianami dotyczącymi konkretnego CAPEC.
Opisy CAPEC
An adversary deceives an application or user and convinces them to request a resource from an unintended location. By spoofing the location, the adversary can cause an alternate resource to be used, often one that the adversary controls and can be used to help them achieve their malicious goals.
Informacje CAPEC
Wymagania wstępne
None. All applications rely on file paths and therefore, in theory, they or their resources could be affected by this type of attack.Wymagane zasoby
None: No specialized resources are required to execute this type of attack.Łagodzenie
Monitor network activity to detect any anomalous or unauthorized communication exchanges.Powiązane słabości
| Nazwa słabości | |
|---|---|
CWE-451 |
User Interface (UI) Misrepresentation of Critical Information The user interface (UI) does not properly represent critical information to the user, allowing the information - or its source - to be obscured or spoofed. This is often a component in phishing attacks. |
Zgłoszenie
| Nazwa | Organizacja | Data | Data wydania |
|---|---|---|---|
| CAPEC Content Team | The MITRE Corporation |
Modyfikacje
| Nazwa | Organizacja | Data | Komentarz |
|---|---|---|---|
| CAPEC Content Team | The MITRE Corporation | Updated Description Summary | |
| CAPEC Content Team | The MITRE Corporation | Updated Attack_Motivation-Consequences, Attack_Prerequisites, Solutions_and_Mitigations, Typical_Likelihood_of_Exploit | |
| CAPEC Content Team | The MITRE Corporation | Updated Description Summary, Resources_Required | |
| CAPEC Content Team | The MITRE Corporation | Updated Related_Weaknesses |
