Home > CAPEC List > CAPEC-176: Configuration/Environment Manipulation (Version 2.11)  

CAPEC-176: Configuration/Environment Manipulation

 
Configuration/Environment Manipulation
Definition in a New Window Definition in a New Window
Attack Pattern ID: 176
Abstraction: Meta
Status: Draft
Completeness: Stub
Presentation Filter:
+ Summary

An attacker manipulates files or settings external to a target application which affect the behavior of that application. For example, many applications use external configuration files and libraries - modification of these entities or otherwise affecting the application's ability to use them would constitute a configuration/environment manipulation attack.

+ Attack Prerequisites
  • The target application must consult external files or configuration controls to control its execution. All but the very simplest applications meet this requirement.

+ Typical Severity

Medium

+ Resources Required

The attacker must have the access necessary to affect the files or other environment items the targeted application uses for its operations.

+ Content History
Submissions
SubmitterOrganizationDateSource
CAPEC Content TeamThe MITRE Corporation2014-06-23Internal_CAPEC_Team
Previous Entry Names
DatePrevious Entry Name
2015-11-09Configuration/Environment manipulation

More information is available — Please select a different filter.
Page Last Updated or Reviewed: July 31, 2017