CAPEC - CAPEC-375: WASC-42 - Abuse of Functionality (Version 3.0)

Home > CAPEC List > CAPEC-375: WASC-42 - Abuse of Functionality (Version 3.0)

CAPEC-375: WASC-42 - Abuse of Functionality

Category ID: 375

Status: Draft

Summary

This category is related to the WASC Threat Classification 2.0 item Abuse of Functionality

Membership

Nature	Type	ID	Name
MemberOf	View - A view in CAPEC represents a perspective with which one might look at the collection of attack patterns defined within CAPEC. There are three different types of views: graphs, explicit slices, and implicit slices.	333	WASC Threat Classification 2.0
HasMember	Category - A category in CAPEC is a collection of attack patterns based on some common characteristic. More specifically, it is an aggregation of attack patterns based on effect/intent (as opposed to actions or mechanisms, such an aggregation would be a meta attack pattern). An aggregation based on effect/intent is not an actionable attack and as such is not a pattern of attack behavior. Rather, it is a grouping of patterns based on some common criteria.	210	Abuse Existing Functionality

References

[REF-318] "WASC Threat Classification 2.0". WASC-42 - Abuse of Functionality. The Web Application Security Consortium (WASC). 2010. <http://projects.webappsec.org/Abuse-of-Functionality>.

Content History

More information is available — Please select a different filter.

Page Last Updated or Reviewed: July 31, 2018


	Use of the Common Attack Pattern Enumeration and Classification dictionary and classification taxonomy, and the associated references from this website, are subject to the Terms of Use. For more information, please email capec@mitre.org. CAPEC is sponsored by US-CERT in the office of Cybersecurity and Communications at the U.S. Department of Homeland Security. Copyright © 2007 - 2018, The MITRE Corporation. CAPEC and the CAPEC logo are trademarks of The MITRE Corporation.	Privacy policy Terms of use Site Map Contact us