
Differences between 3.0 and 3.1 Content

Summary

Total (3.1) (not including Deprecated): 577
Total (3.0) (not including Deprecated): 577

Attack Patterns
  New Patterns Added: 2
  Existing Patterns Modified with Enhanced Material: 175
  Patterns Deprecated: 2

Categories
  Existing Categories Modified with Enhanced Material: 5

CAPEC -> CWE Mappings
  CAPEC -> CWE Mappings Added: 104
  CAPEC -> CWE Mappings Removed: 57

CAPEC -> CAPEC Mappings
  CAPEC -> CAPEC Mappings Added: 47
  CAPEC -> CAPEC Mappings Removed: 6

Summary of Entry Types

Type               3.0    3.1
Views                9      9
Categories          49     49
Attack Patterns    519    519
Deprecated          70     72

Attack Pattern Changes

New Patterns Added
CAPEC-481 Contradictory Destinations in Traffic Routing Schemes
CAPEC-509 Kerberoasting

Existing Patterns Modified with Enhanced Material
CAPEC-2 Inducing Account Lockout
CAPEC-4 Using Alternative IP Address Encodings
CAPEC-5 Blue Boxing
CAPEC-6 Argument Injection
CAPEC-11 Cause Web Server Misclassification
CAPEC-23 File Content Injection
CAPEC-38 Leveraging/Manipulating Configuration File Search Paths
CAPEC-39 Manipulating Opaque Client-based Data Tokens
CAPEC-40 Manipulating Writeable Terminal Devices
CAPEC-49 Password Brute Forcing
CAPEC-54 Query System for Information
CAPEC-55 Rainbow Table Password Cracking
CAPEC-66 SQL Injection
CAPEC-77 Manipulating User-Controlled Variables
CAPEC-89 Pharming
CAPEC-94 Man in the Middle Attack
CAPEC-98 Phishing
CAPEC-105 HTTP Request Splitting
CAPEC-117 Interception
CAPEC-121 Exploit Test APIs
CAPEC-122 Privilege Abuse
CAPEC-123 Buffer Manipulation
CAPEC-124 Shared Data Manipulation
CAPEC-129 Pointer Manipulation
CAPEC-132 Symlink Attack
CAPEC-133 Try All Common Switches
CAPEC-134 Email Injection
CAPEC-135 Format String Injection
CAPEC-136 LDAP Injection
CAPEC-137 Parameter Injection
CAPEC-138 Reflection Injection
CAPEC-139 Relative Path Traversal
CAPEC-140 Bypassing of Intermediate Forms in Multiple-Form Sets
CAPEC-145 Checksum Spoofing
CAPEC-149 Explore for Predictable Temporary File Names
CAPEC-150 Collect Data from Common Resource Locations
CAPEC-153 Input Data Manipulation
CAPEC-155 Screen Temporary Files for Sensitive Information
CAPEC-159 Redirect Access to Libraries
CAPEC-160 Exploit Script-Based APIs
CAPEC-163 Spear Phishing
CAPEC-166 Force the System to Reset Values
CAPEC-170 Web Application Fingerprinting
CAPEC-174 Flash Parameter Injection
CAPEC-176 Configuration/Environment Manipulation
CAPEC-178 Cross-Site Flashing
CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels
CAPEC-181 Flash File Overlay
CAPEC-182 Flash Injection
CAPEC-183 IMAP/SMTP Command Injection
CAPEC-185 Malicious Software Download
CAPEC-190 Reverse Engineer an Executable to Expose Assumed Hidden Functionality
CAPEC-191 Read Sensitive Strings Within an Executable
CAPEC-193 PHP Remote File Inclusion
CAPEC-194 Fake the Source of Data
CAPEC-195 Principal Spoof
CAPEC-196 Session Credential Falsification through Forging
CAPEC-199 XSS Using Alternate Syntax
CAPEC-202 Create Malicious Client
CAPEC-206 Signing Malicious Code
CAPEC-207 Removing Important Client Functionality
CAPEC-218 Spoofing of UDDI/ebXML Messages
CAPEC-222 iFrame Overlay
CAPEC-226 Session Credential Falsification through Manipulation
CAPEC-228 DTD Injection
CAPEC-233 Privilege Escalation
CAPEC-242 Code Injection
CAPEC-244 XSS Targeting URI Placeholders
CAPEC-251 Local Code Inclusion
CAPEC-252 PHP Local File Inclusion
CAPEC-256 SOAP Array Overflow
CAPEC-261 Fuzzing for garnering other adjacent user/sensitive data
CAPEC-263 Force Use of Corrupted Files
CAPEC-267 Leverage Alternate Encoding
CAPEC-268 Audit Log Manipulation
CAPEC-270 Modification of Registry Run Keys
CAPEC-271 Schema Poisoning
CAPEC-275 DNS Rebinding
CAPEC-277 Data Interchange Protocol Manipulation
CAPEC-278 Web Services Protocol Manipulation
CAPEC-279 SOAP Manipulation
CAPEC-292 Host Discovery
CAPEC-300 Port Scanning
CAPEC-309 Network Topology Mapping
CAPEC-383 Harvesting Information via API Event Monitoring
CAPEC-389 Content Spoofing Via Application API Manipulation
CAPEC-401 Hacking Hardware
CAPEC-402 Bypassing ATA Password Security
CAPEC-438 Modification During Manufacture
CAPEC-439 Manipulation During Distribution
CAPEC-440 Hardware Integrity Attack
CAPEC-442 Infected Software
CAPEC-452 Infected Hardware
CAPEC-456 Infected Memory
CAPEC-471 Search Order Hijacking
CAPEC-473 Signature Spoof
CAPEC-474 Signature Spoofing by Key Theft
CAPEC-475 Signature Spoofing by Improper Validation
CAPEC-476 Signature Spoofing by Misrepresentation
CAPEC-478 Modification of Windows Service Configuration
CAPEC-482 TCP Flood
CAPEC-484 XML Client-Side Attack
CAPEC-486 UDP Flood
CAPEC-487 ICMP Flood
CAPEC-488 HTTP Flood
CAPEC-489 SSL Flood
CAPEC-490 Amplification
CAPEC-491 XML Quadratic Expansion
CAPEC-492 Regular Expression Exponential Blowup
CAPEC-493 SOAP Array Blowup
CAPEC-494 TCP Fragmentation
CAPEC-495 UDP Fragmentation
CAPEC-496 ICMP Fragmentation
CAPEC-502 Intent Spoof
CAPEC-503 WebView Exposure
CAPEC-504 Task Impersonation
CAPEC-528 XML Flood
CAPEC-529 Malware-Directed Internal Reconnaissance
CAPEC-533 Malicious Manual Software Update
CAPEC-537 Infiltration of Hardware Development Environment
CAPEC-543 Counterfeit Websites
CAPEC-544 Counterfeit Organizations
CAPEC-547 Physical Destruction of Device or Component
CAPEC-549 Local Execution of Code
CAPEC-550 Install New Service
CAPEC-551 Modify Existing Service
CAPEC-552 Install Rootkit
CAPEC-554 Functionality Bypass
CAPEC-556 Replace File Extension Handlers
CAPEC-558 Replace Trusted Executable
CAPEC-560 Use of Known Domain Credentials
CAPEC-561 Windows Admin Shares with Stolen Credentials
CAPEC-562 Modify Shared File
CAPEC-563 Add Malicious File to Shared Webroot
CAPEC-564 Run Software at Logon
CAPEC-572 Artificially Inflate File Sizes
CAPEC-573 Process Footprinting
CAPEC-574 Services Footprinting
CAPEC-575 Account Footprinting
CAPEC-576 Group Permission Footprinting
CAPEC-577 Owner Footprinting
CAPEC-578 Disable Security Software
CAPEC-580 Application Footprinting
CAPEC-583 Disabling Network Hardware
CAPEC-587 Cross Frame Scripting (XFS)
CAPEC-588 DOM-Based XSS
CAPEC-589 DNS Blocking
CAPEC-590 IP Address Blocking
CAPEC-591 Reflected XSS
CAPEC-592 Stored XSS
CAPEC-594 Traffic Injection
CAPEC-595 Connection Reset
CAPEC-596 TCP RST Injection
CAPEC-598 DNS Spoofing
CAPEC-599 Terrestrial Jamming
CAPEC-601 Jamming
CAPEC-609 Cellular Traffic Intercept
CAPEC-611 BitSquatting
CAPEC-612 WiFi MAC Address Tracking
CAPEC-613 WiFi SSID Tracking
CAPEC-615 Evil Twin Wi-Fi Attack
CAPEC-627 Counterfeit GPS Signals
CAPEC-628 Carry-Off GPS Attack
CAPEC-630 TypoSquatting
CAPEC-631 SoundSquatting
CAPEC-632 Homograph Attack via Homoglyphs
CAPEC-633 Token Impersonation
CAPEC-636 Hiding Malicious Data or Code within Files
CAPEC-640 Inclusion of Code in Existing Process
CAPEC-641 DLL Side-Loading
CAPEC-642 Replace Binaries
CAPEC-646 Peripheral Footprinting
CAPEC-647 Collect Data from Registries
CAPEC-649 Adding a Space to a File Extension
CAPEC-650 Upload a Web Shell to a Web Server

Patterns Deprecated
CAPEC-239 DEPRECATED: Subversion of Authorization Checks: Cache Filtering, Programmatic Security, etc.
CAPEC-566 DEPRECATED: Dump Password Hashes

Category Changes

New Categories Added

Existing Categories Modified with Enhanced Material
CAPEC-403 Social Engineering
CAPEC-437 Supply Chain
CAPEC-512 Communications
CAPEC-513 Software
CAPEC-515 Hardware

Categories Deprecated

View Changes

Views Added

Existing Views Modified with Enhanced Material

Views Deprecated

Mapping Changes

CAPEC --> CWE Mappings Added
CAPEC-2 Inducing Account Lockout
  --> CWE-645 Overly Restrictive Account Lockout Mechanism
CAPEC-4 Using Alternative IP Address Encodings
  --> CWE-173 Improper Handling of Alternate Encoding
CAPEC-5 Blue Boxing
  --> CWE-285 Improper Authorization
CAPEC-6 Argument Injection
  --> CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CAPEC-11 Cause Web Server Misclassification
  --> CWE-430 Deployment of Wrong Handler
CAPEC-23 File Content Injection
  --> CWE-20 Improper Input Validation
CAPEC-38 Leveraging/Manipulating Configuration File Search Paths
  --> CWE-427 Uncontrolled Search Path Element
CAPEC-40 Manipulating Writeable Terminal Devices
  --> CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')
CAPEC-55 Rainbow Table Password Cracking
  --> CWE-916 Use of Password Hash With Insufficient Computational Effort
CAPEC-117 Interception
  --> CWE-300 Channel Accessible by Non-Endpoint ('Man-in-the-Middle')
CAPEC-121 Exploit Test APIs
  --> CWE-489 Leftover Debug Code
CAPEC-122 Privilege Abuse
  --> CWE-269 Improper Privilege Management
CAPEC-123 Buffer Manipulation
  --> CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC-129 Pointer Manipulation
  --> CWE-822 Untrusted Pointer Dereference
  --> CWE-823 Use of Out-of-range Pointer Offset
CAPEC-133 Try All Common Switches
  --> CWE-912 Hidden Functionality
CAPEC-134 Email Injection
  --> CWE-150 Improper Neutralization of Escape, Meta, or Control Sequences
CAPEC-137 Parameter Injection
  --> CWE-88 Argument Injection or Modification
CAPEC-140 Bypassing of Intermediate Forms in Multiple-Form Sets
  --> CWE-372 Incomplete Internal State Distinction
CAPEC-145 Checksum Spoofing
  --> CWE-354 Improper Validation of Integrity Check Value
CAPEC-150 Collect Data from Common Resource Locations
  --> CWE-552 Files or Directories Accessible to External Parties
CAPEC-153 Input Data Manipulation
  --> CWE-20 Improper Input Validation
CAPEC-155 Screen Temporary Files for Sensitive Information
  --> CWE-377 Insecure Temporary File
CAPEC-159 Redirect Access to Libraries
  --> CWE-706 Use of Incorrectly-Resolved Name or Reference
CAPEC-160 Exploit Script-Based APIs
  --> CWE-346 Origin Validation Error
CAPEC-166 Force the System to Reset Values
  --> CWE-306 Missing Authentication for Critical Function
CAPEC-170 Web Application Fingerprinting
  --> CWE-497 Exposure of System Data to an Unauthorized Control Sphere
CAPEC-174 Flash Parameter Injection
  --> CWE-88 Argument Injection or Modification
CAPEC-176 Configuration/Environment Manipulation
  --> CWE-15 External Control of System or Configuration Setting
CAPEC-181 Flash File Overlay
  --> CWE-1021 Improper Restriction of Rendered UI Layers or Frames
CAPEC-183 IMAP/SMTP Command Injection
  --> CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')
CAPEC-190 Reverse Engineer an Executable to Expose Assumed Hidden Functionality
  --> CWE-912 Hidden Functionality
CAPEC-222 iFrame Overlay
  --> CWE-1021 Improper Restriction of Rendered UI Layers or Frames
CAPEC-226 Session Credential Falsification through Manipulation
  --> CWE-472 External Control of Assumed-Immutable Web Parameter
  --> CWE-565 Reliance on Cookies without Validation and Integrity Checking
CAPEC-228 DTD Injection
  --> CWE-829 Inclusion of Functionality from Untrusted Control Sphere
CAPEC-233 Privilege Escalation
  --> CWE-269 Improper Privilege Management
CAPEC-242 Code Injection
  --> CWE-94 Improper Control of Generation of Code ('Code Injection')
CAPEC-244 XSS Targeting URI Placeholders
  --> CWE-83 Improper Neutralization of Script in Attributes in a Web Page
CAPEC-251 Local Code Inclusion
  --> CWE-829 Inclusion of Functionality from Untrusted Control Sphere
CAPEC-252 PHP Local File Inclusion
  --> CWE-829 Inclusion of Functionality from Untrusted Control Sphere
CAPEC-256 SOAP Array Overflow
  --> CWE-805 Buffer Access with Incorrect Length Value
CAPEC-261 Fuzzing for garnering other adjacent user/sensitive data
  --> CWE-20 Improper Input Validation
CAPEC-263 Force Use of Corrupted Files
  --> CWE-829 Inclusion of Functionality from Untrusted Control Sphere
CAPEC-268 Audit Log Manipulation
  --> CWE-117 Improper Output Neutralization for Logs
CAPEC-270 Modification of Registry Run Keys
  --> CWE-15 External Control of System or Configuration Setting
CAPEC-277 Data Interchange Protocol Manipulation
  --> CWE-707 Improper Enforcement of Message or Data Structure
CAPEC-278 Web Services Protocol Manipulation
  --> CWE-707 Improper Enforcement of Message or Data Structure
CAPEC-279 SOAP Manipulation
  --> CWE-707 Improper Enforcement of Message or Data Structure
CAPEC-389 Content Spoofing Via Application API Manipulation
  --> CWE-353 Missing Support for Integrity Check
CAPEC-402 Bypassing ATA Password Security
  --> CWE-285 Improper Authorization
CAPEC-474 Signature Spoofing by Key Theft
  --> CWE-522 Insufficiently Protected Credentials
CAPEC-475 Signature Spoofing by Improper Validation
  --> CWE-327 Use of a Broken or Risky Cryptographic Algorithm
CAPEC-476 Signature Spoofing by Misrepresentation
  --> CWE-290 Authentication Bypass by Spoofing
CAPEC-478 Modification of Windows Service Configuration
  --> CWE-284 Improper Access Control
CAPEC-482 TCP Flood
  --> CWE-770 Allocation of Resources Without Limits or Throttling
CAPEC-484 XML Client-Side Attack
  --> CWE-91 XML Injection (aka Blind XPath Injection)
CAPEC-486 UDP Flood
  --> CWE-770 Allocation of Resources Without Limits or Throttling
CAPEC-487 ICMP Flood
  --> CWE-770 Allocation of Resources Without Limits or Throttling
CAPEC-488 HTTP Flood
  --> CWE-770 Allocation of Resources Without Limits or Throttling
CAPEC-489 SSL Flood
  --> CWE-770 Allocation of Resources Without Limits or Throttling
CAPEC-490 Amplification
  --> CWE-770 Allocation of Resources Without Limits or Throttling
CAPEC-491 XML Quadratic Expansion
  --> CWE-770 Allocation of Resources Without Limits or Throttling
CAPEC-492 Regular Expression Exponential Blowup
  --> CWE-400 Uncontrolled Resource Consumption ('Resource Exhaustion')
CAPEC-493 SOAP Array Blowup
  --> CWE-770 Allocation of Resources Without Limits or Throttling
CAPEC-494 TCP Fragmentation
  --> CWE-404 Improper Resource Shutdown or Release
  --> CWE-770 Allocation of Resources Without Limits or Throttling
CAPEC-495 UDP Fragmentation
  --> CWE-404 Improper Resource Shutdown or Release
  --> CWE-770 Allocation of Resources Without Limits or Throttling
CAPEC-496 ICMP Fragmentation
  --> CWE-404 Improper Resource Shutdown or Release
  --> CWE-770 Allocation of Resources Without Limits or Throttling
CAPEC-502 Intent Spoof
  --> CWE-284 Improper Access Control
CAPEC-503 WebView Exposure
  --> CWE-284 Improper Access Control
CAPEC-504 Task Impersonation
  --> CWE-1021 Improper Restriction of Rendered UI Layers or Frames
CAPEC-509 Kerberoasting
  --> CWE-552 Files or Directories Accessible to External Parties
CAPEC-528 XML Flood
  --> CWE-770 Allocation of Resources Without Limits or Throttling
CAPEC-533 Malicious Manual Software Update
  --> CWE-494 Download of Code Without Integrity Check
CAPEC-537 Infiltration of Hardware Development Environment
  --> CWE-125 Out-of-bounds Read
CAPEC-549 Local Execution of Code
  --> CWE-829 Inclusion of Functionality from Untrusted Control Sphere
CAPEC-550 Install New Service
  --> CWE-284 Improper Access Control
CAPEC-551 Modify Existing Service
  --> CWE-284 Improper Access Control
  --> CWE-522 Insufficiently Protected Credentials
CAPEC-552 Install Rootkit
  --> CWE-284 Improper Access Control
CAPEC-554 Functionality Bypass
  --> CWE-424 Improper Protection of Alternate Path
CAPEC-556 Replace File Extension Handlers
  --> CWE-284 Improper Access Control
CAPEC-558 Replace Trusted Executable
  --> CWE-284 Improper Access Control
CAPEC-560 Use of Known Domain Credentials
  --> CWE-522 Insufficiently Protected Credentials
CAPEC-561 Windows Admin Shares with Stolen Credentials
  --> CWE-522 Insufficiently Protected Credentials
CAPEC-562 Modify Shared File
  --> CWE-284 Improper Access Control
CAPEC-563 Add Malicious File to Shared Webroot
  --> CWE-284 Improper Access Control
CAPEC-564 Run Software at Logon
  --> CWE-284 Improper Access Control
CAPEC-578 Disable Security Software
  --> CWE-284 Improper Access Control
CAPEC-588 DOM-Based XSS
  --> CWE-83 Improper Neutralization of Script in Attributes in a Web Page
CAPEC-589 DNS Blocking
  --> CWE-300 Channel Accessible by Non-Endpoint ('Man-in-the-Middle')
CAPEC-590 IP Address Blocking
  --> CWE-300 Channel Accessible by Non-Endpoint ('Man-in-the-Middle')
CAPEC-594 Traffic Injection
  --> CWE-940 Improper Verification of Source of a Communication Channel
CAPEC-595 Connection Reset
  --> CWE-940 Improper Verification of Source of a Communication Channel
CAPEC-596 TCP RST Injection
  --> CWE-940 Improper Verification of Source of a Communication Channel
CAPEC-609 Cellular Traffic Intercept
  --> CWE-311 Missing Encryption of Sensitive Data
CAPEC-612 WiFi MAC Address Tracking
  --> CWE-300 Channel Accessible by Non-Endpoint ('Man-in-the-Middle')
CAPEC-613 WiFi SSID Tracking
  --> CWE-300 Channel Accessible by Non-Endpoint ('Man-in-the-Middle')
CAPEC-615 Evil Twin Wi-Fi Attack
  --> CWE-300 Channel Accessible by Non-Endpoint ('Man-in-the-Middle')
CAPEC-649 Adding a Space to a File Extension
  --> CWE-46 Path Equivalence: 'filename ' (Trailing Space)
CAPEC-650 Upload a Web Shell to a Web Server
  --> CWE-287 Improper Authentication

CAPEC --> CWE Mappings Removed
CAPEC-2 Inducing Account Lockout
  --> CWE-400 Uncontrolled Resource Consumption ('Resource Exhaustion')
CAPEC-4 Using Alternative IP Address Encodings
  --> CWE-41 Improper Resolution of Path Equivalence
  --> CWE-180 Incorrect Behavior Order: Validate Before Canonicalize
  --> CWE-345 Insufficient Verification of Data Authenticity
  --> CWE-697 Incorrect Comparison
  --> CWE-707 Improper Enforcement of Message or Data Structure
CAPEC-5 Blue Boxing
  --> CWE-264 Permissions, Privileges, and Access Controls
CAPEC-6 Argument Injection
  --> CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')
CAPEC-11 Cause Web Server Misclassification
  --> CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')
CAPEC-23 File Content Injection
  --> CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
  --> CWE-23 Relative Path Traversal
  --> CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')
  --> CWE-713 OWASP Top Ten 2007 Category A2 - Injection Flaws
  --> CWE-715 OWASP Top Ten 2007 Category A4 - Insecure Direct Object Reference
CAPEC-40 Manipulating Writeable Terminal Devices
  --> CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
  --> CWE-306 Missing Authentication for Critical Function
CAPEC-54 Query System for Information
  --> CWE-248 Uncaught Exception
  --> CWE-717 OWASP Top Ten 2007 Category A6 - Information Leakage and Improper Error Handling
CAPEC-117 Interception
  --> CWE-200 Information Exposure
CAPEC-121 Exploit Test APIs
  --> CWE-770 Allocation of Resources Without Limits or Throttling
CAPEC-122 Privilege Abuse
  --> CWE-434 Unrestricted Upload of File with Dangerous Type
  --> CWE-602 Client-Side Enforcement of Server-Side Security
CAPEC-124 Shared Data Manipulation
  --> CWE-682 Incorrect Calculation
CAPEC-133 Try All Common Switches
  --> CWE-88 Argument Injection or Modification
  --> CWE-559 Often Misused: Arguments and Parameters
  --> CWE-656 Reliance on Security Through Obscurity
CAPEC-155 Screen Temporary Files for Sensitive Information
  --> CWE-311 Missing Encryption of Sensitive Data
CAPEC-159 Redirect Access to Libraries
  --> CWE-426 Untrusted Search Path
  --> CWE-427 Uncontrolled Search Path Element
  --> CWE-428 Unquoted Search Path or Element
CAPEC-174 Flash Parameter Injection
  --> CWE-184 Incomplete Blacklist
  --> CWE-185 Incorrect Regular Expression
  --> CWE-697 Incorrect Comparison
CAPEC-190 Reverse Engineer an Executable to Expose Assumed Hidden Functionality or Content
  --> CWE-259 Use of Hard-coded Password
  --> CWE-798 Use of Hard-coded Credentials
CAPEC-191 Read Sensitive Strings Within an Executable
  --> CWE-259 Use of Hard-coded Password
CAPEC-196 Session Credential Falsification through Forging
  --> CWE-361 7PK - Time and State
CAPEC-228 DTD Injection
  --> CWE-100 DEPRECATED: Technology-Specific Input Validation Problems
CAPEC-242 Code Injection
  --> CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CAPEC-244 XSS Targeting URI Placeholders
  --> CWE-84 Improper Neutralization of Encoded URI Schemes in a Web Page
CAPEC-271 Schema Poisoning
  --> CWE-472 External Control of Assumed-Immutable Web Parameter
CAPEC-279 SOAP Manipulation
  --> CWE-674 Uncontrolled Recursion
CAPEC-389 Content Spoofing Via Application API Manipulation
  --> CWE-311 Missing Encryption of Sensitive Data
  --> CWE-345 Insufficient Verification of Data Authenticity
  --> CWE-346 Origin Validation Error
  --> CWE-602 Client-Side Enforcement of Server-Side Security
CAPEC-474 Signature Spoofing by Key Theft
  --> CWE-216 Containment Errors (Container Errors)
  --> CWE-284 Improper Access Control
  --> CWE-693 Protection Mechanism Failure
CAPEC-475 Signature Spoofing by Improper Validation
  --> CWE-693 Protection Mechanism Failure
CAPEC-478 Modification of Windows Service Configuration
  --> CWE-285 Improper Authorization
CAPEC-484 XML Client-Side Attack
  --> CWE-19 Data Processing Errors
CAPEC-578 Disable Security Software
  --> CWE-285 Improper Authorization
CAPEC-591 Reflected XSS
  --> CWE-20 Improper Input Validation
CAPEC-592 Stored XSS
  --> CWE-20 Improper Input Validation
CAPEC-640 Inclusion of Code in Existing Process
  --> CWE-706 Use of Incorrectly-Resolved Name or Reference
CAPEC-649 Adding a Space to a File Extension
  --> CWE-64 Windows Shortcut Following (.LNK)

CAPEC --> CAPEC Mappings Added
CAPEC-89 Pharming
CanFollow   --> CAPEC-89 Pharming
CanFollow   --> CAPEC-543 Counterfeit Websites
CanFollow   --> CAPEC-611 BitSquatting
CanFollow   --> CAPEC-630 TypoSquatting
CanFollow   --> CAPEC-631 SoundSquatting
CanFollow   --> CAPEC-632 Homograph Attack via Homoglyphs
CAPEC-94 Man in the Middle Attack
CanFollow   --> CAPEC-185 Malicious Software Download
CAPEC-98 Phishing
CanPrecede   --> CAPEC-89 Pharming
CanPrecede   --> CAPEC-543 Counterfeit Websites
CanPrecede   --> CAPEC-611 BitSquatting
CanPrecede   --> CAPEC-630 TypoSquatting
CanPrecede   --> CAPEC-631 SoundSquatting
CanPrecede   --> CAPEC-632 Homograph Attack via Homoglyphs
CAPEC-105 HTTP Request Splitting
PeerOf   --> CAPEC-34 HTTP Response Splitting
CAPEC-163 Spear Phishing
CanFollow   --> CAPEC-116 Excavation
CAPEC-174 Flash Parameter Injection
CanPrecede   --> CAPEC-178 Cross-Site Flashing
Has Child   --> CAPEC-182 Flash Injection
CAPEC-196 Session Credential Falsification through Forging
CanPrecede   --> CAPEC-61 Session Fixation
CAPEC-383 Harvesting Information via API Event Monitoring
Has Child   --> CAPEC-407 Pretexting
CAPEC-403 Social Engineering
Has Member   --> CAPEC-151 Identity Spoofing
Has Member   --> CAPEC-154 Resource Location Spoofing
CAPEC-481 Contradictory Destinations in Traffic Routing Schemes
Has Child   --> CAPEC-161 Infrastructure Manipulation
CAPEC-509 Kerberoasting
Has Child   --> CAPEC-560 Use of Known Domain Credentials
CAPEC-512 Communications
Has Member   --> CAPEC-148 Content Spoofing
Has Member   --> CAPEC-151 Identity Spoofing
Has Member   --> CAPEC-154 Resource Location Spoofing
Has Member   --> CAPEC-169 Footprinting
CAPEC-513 Software
Has Member   --> CAPEC-441 Malicious Logic Insertion
CAPEC-515 Hardware
Has Member   --> CAPEC-148 Content Spoofing
Has Member   --> CAPEC-154 Resource Location Spoofing
CAPEC-543 Counterfeit Websites
CanPrecede   --> CAPEC-89 Pharming
CanFollow   --> CAPEC-611 BitSquatting
CanFollow   --> CAPEC-630 TypoSquatting
CanFollow   --> CAPEC-631 SoundSquatting
CanFollow   --> CAPEC-632 Homograph Attack via Homoglyphs
CAPEC-611 BitSquatting
CanPrecede   --> CAPEC-89 Pharming
CanFollow   --> CAPEC-98 Phishing
CanPrecede   --> CAPEC-543 Counterfeit Websites
CAPEC-630 TypoSquatting
CanPrecede   --> CAPEC-89 Pharming
CanFollow   --> CAPEC-98 Phishing
CanPrecede   --> CAPEC-543 Counterfeit Websites
CAPEC-631 SoundSquatting
CanPrecede   --> CAPEC-89 Pharming
CanFollow   --> CAPEC-98 Phishing
CanPrecede   --> CAPEC-543 Counterfeit Websites
CAPEC-632 Homograph Attack via Homoglyphs
CanPrecede   --> CAPEC-89 Pharming
CanFollow   --> CAPEC-98 Phishing
CanPrecede   --> CAPEC-543 Counterfeit Websites

CAPEC --> CAPEC Mappings Removed
CAPEC-163 Spear Phishing
CanFollow   --> CAPEC-118 Collect and Analyze Information
CAPEC-174 Flash Parameter Injection
Has Child   --> CAPEC-137 Parameter Injection
CAPEC-239 Subversion of Authorization Checks: Cache Filtering, Programmatic Security, etc.
Has Child   --> CAPEC-207 Removing Important Client Functionality
CAPEC-383 Harvesting Information via API Event Monitoring
Has Child   --> CAPEC-567 DEPRECATED: Obtain Data via Utilities
CAPEC-515 Hardware
Has Member   --> CAPEC-169 Footprinting
CAPEC-566 Dump Password Hashes
Has Child   --> CAPEC-567 DEPRECATED: Obtain Data via Utilities
Page Last Updated or Reviewed: April 04, 2019