
Differences between 3.5 and 3.6 Content

Summary

Total (3.6) (not including Deprecated) 572
Total (3.5) (not including Deprecated) 567
Attack Patterns
New Patterns Added 6
Existing Patterns Modified with Enhanced Material 70
Patterns Deprecated 1
CAPEC -> CWE Mappings
CAPEC -> CWE Mappings Added 34
CAPEC -> CWE Mappings Removed 42
CAPEC -> CAPEC Mappings
CAPEC -> CAPEC Mappings Added 46
CAPEC -> CAPEC Mappings Removed 1

Summary of Entry Types

Type 3.5 3.6
Views 11 11
Categories 15 15
Attack Patterns 541 546
Deprecated 111 112

Attack Pattern Changes

New Patterns Added
CAPEC-676 NoSQL Injection
CAPEC-677 Server Functionality Compromise
CAPEC-678 System Build Data Maliciously Altered
CAPEC-679 Exploitation of Improperly Configured or Implemented Memory Protections
CAPEC-680 Exploitation of Improperly Controlled Registers
CAPEC-681 Exploitation of Improperly Controlled Hardware Security Identifiers

Existing Patterns Modified with Enhanced Material
CAPEC-1 Accessing Functionality Not Properly Constrained by ACLs
CAPEC-8 Buffer Overflow in an API Call
CAPEC-9 Buffer Overflow in Local Command-Line Utilities
CAPEC-10 Buffer Overflow via Environment Variables
CAPEC-14 Client-side Injection-induced Buffer Overflow
CAPEC-30 Hijacking a Privileged Thread of Execution
CAPEC-33 HTTP Request Smuggling
CAPEC-34 HTTP Response Splitting
CAPEC-42 MIME Conversion
CAPEC-44 Overflow Binary Resource File
CAPEC-45 Buffer Overflow via Symbolic Links
CAPEC-46 Overflow Variables and Tags
CAPEC-47 Buffer Overflow via Parameter Expansion
CAPEC-51 Poison Web Service Registry
CAPEC-54 Query System for Information
CAPEC-57 Utilizing REST's Trust in the System Resource to Obtain Sensitive Data
CAPEC-65 Sniff Application Code
CAPEC-67 String Format Overflow in syslog()
CAPEC-69 Target Programs with Elevated Privileges
CAPEC-76 Manipulating Web Input to File System Calls
CAPEC-90 Reflection Attack in Authentication Protocol
CAPEC-95 WSDL Scanning
CAPEC-100 Overflow Buffers
CAPEC-101 Server Side Include (SSI) Injection
CAPEC-105 HTTP Request Splitting
CAPEC-121 Exploit Non-Production Interfaces
CAPEC-126 Path Traversal
CAPEC-133 Try All Common Switches
CAPEC-139 Relative Path Traversal
CAPEC-143 Detect Unpublicized Web Pages
CAPEC-144 Detect Unpublicized Web Services
CAPEC-146 XML Schema Poisoning
CAPEC-155 Screen Temporary Files for Sensitive Information
CAPEC-160 Exploit Script-Based APIs
CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels
CAPEC-186 Malicious Software Update
CAPEC-197 Exponential Data Expansion
CAPEC-201 Serialized Data External Linking
CAPEC-215 Fuzzing for application mapping
CAPEC-221 Data Serialization External Entities Blowup
CAPEC-230 Serialized Data with Nested Payloads
CAPEC-233 Privilege Escalation
CAPEC-234 Hijacking a privileged process
CAPEC-252 PHP Local File Inclusion
CAPEC-256 SOAP Array Overflow
CAPEC-261 Fuzzing for garnering other adjacent user/sensitive data
CAPEC-270 Modification of Registry Run Keys
CAPEC-271 Schema Poisoning
CAPEC-273 HTTP Response Smuggling
CAPEC-279 SOAP Manipulation
CAPEC-460 HTTP Parameter Pollution (HPP)
CAPEC-461 Web Services API Signature Forgery Leveraging Hash Function Extension Weakness
CAPEC-462 Cross-Domain Search Timing
CAPEC-478 Modification of Windows Service Configuration
CAPEC-480 Escaping Virtualization
CAPEC-491 Quadratic Data Expansion
CAPEC-499 Android Intent Intercept
CAPEC-500 WebView Injection
CAPEC-501 Android Activity Hijack
CAPEC-522 Malicious Hardware Component Replacement
CAPEC-536 Data Injected During Configuration
CAPEC-540 Overread Buffers
CAPEC-546 Incomplete Data Deletion in a Multi-Tenant Environment
CAPEC-568 Capture Credentials via Keylogger
CAPEC-597 Absolute Path Traversal
CAPEC-637 Collect Data from Clipboard
CAPEC-640 Inclusion of Code in Existing Process
CAPEC-647 Collect Data from Registries
CAPEC-664 Server Side Request Forgery
CAPEC-669 Alteration of a Software Update

Existing Patterns with Modified Execution Flows
CAPEC-8 Buffer Overflow in an API Call
CAPEC-9 Buffer Overflow in Local Command-Line Utilities
CAPEC-10 Buffer Overflow via Environment Variables
CAPEC-14 Client-side Injection-induced Buffer Overflow
CAPEC-30 Hijacking a Privileged Thread of Execution
CAPEC-33 HTTP Request Smuggling
CAPEC-34 HTTP Response Splitting
CAPEC-42 MIME Conversion
CAPEC-44 Overflow Binary Resource File
CAPEC-45 Buffer Overflow via Symbolic Links
CAPEC-46 Overflow Variables and Tags
CAPEC-47 Buffer Overflow via Parameter Expansion
CAPEC-51 Poison Web Service Registry
CAPEC-54 Query System for Information
CAPEC-57 Utilizing REST's Trust in the System Resource to Obtain Sensitive Data
CAPEC-65 Sniff Application Code
CAPEC-67 String Format Overflow in syslog()
CAPEC-69 Target Programs with Elevated Privileges
CAPEC-76 Manipulating Web Input to File System Calls
CAPEC-90 Reflection Attack in Authentication Protocol
CAPEC-95 WSDL Scanning
CAPEC-100 Overflow Buffers
CAPEC-101 Server Side Include (SSI) Injection
CAPEC-105 HTTP Request Splitting
CAPEC-126 Path Traversal
CAPEC-133 Try All Common Switches
CAPEC-139 Relative Path Traversal
CAPEC-143 Detect Unpublicized Web Pages
CAPEC-144 Detect Unpublicized Web Services
CAPEC-146 XML Schema Poisoning
CAPEC-155 Screen Temporary Files for Sensitive Information
CAPEC-160 Exploit Script-Based APIs
CAPEC-186 Malicious Software Update
CAPEC-197 Exponential Data Expansion
CAPEC-201 Serialized Data External Linking
CAPEC-215 Fuzzing for application mapping
CAPEC-221 Data Serialization External Entities Blowup
CAPEC-230 Serialized Data with Nested Payloads
CAPEC-234 Hijacking a privileged process
CAPEC-252 PHP Local File Inclusion
CAPEC-256 SOAP Array Overflow
CAPEC-261 Fuzzing for garnering other adjacent user/sensitive data
CAPEC-270 Modification of Registry Run Keys
CAPEC-271 Schema Poisoning
CAPEC-273 HTTP Response Smuggling
CAPEC-279 SOAP Manipulation
CAPEC-461 Web Services API Signature Forgery Leveraging Hash Function Extension Weakness
CAPEC-462 Cross-Domain Search Timing
CAPEC-478 Modification of Windows Service Configuration
CAPEC-480 Escaping Virtualization
CAPEC-491 Quadratic Data Expansion
CAPEC-499 Android Intent Intercept
CAPEC-500 WebView Injection
CAPEC-501 Android Activity Hijack
CAPEC-536 Data Injected During Configuration
CAPEC-540 Overread Buffers
CAPEC-568 Capture Credentials via Keylogger
CAPEC-597 Absolute Path Traversal
CAPEC-637 Collect Data from Clipboard
CAPEC-640 Inclusion of Code in Existing Process
CAPEC-647 Collect Data from Registries
CAPEC-664 Server Side Request Forgery
CAPEC-669 Alteration of a Software Update

Patterns Deprecated
CAPEC-236 DEPRECATED: Catching exception throw/signal from privileged block

Category Changes

New Categories Added

Existing Categories Modified with Enhanced Material

Categories Deprecated

View Changes

Views Added

Existing Views Modified with Enhanced Material

Views Deprecated

Mapping Changes

CAPEC --> CWE Mappings Added
CAPEC-34 HTTP Response Splitting
  --> CWE-138 Improper Neutralization of Special Elements
  --> CWE-436 Interpretation Conflict
CAPEC-105 HTTP Request Splitting
  --> CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
  --> CWE-138 Improper Neutralization of Special Elements
  --> CWE-436 Interpretation Conflict
CAPEC-121 Exploit Non-Production Interfaces
  --> CWE-1259 Improper Restriction of Security Token Assignment
  --> CWE-1267 Policy Uses Obsolete Encoding
  --> CWE-1270 Generation of Incorrect Security Tokens
  --> CWE-1294 Insecure Security Identifier Mechanism
  --> CWE-1296 Incorrect Chaining or Granularity of Debug Components
  --> CWE-1302 Missing Security Identifier
CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels
  --> CWE-1268 Policy Privileges are not Assigned Consistently Between Control and Data Agents
CAPEC-197 Exponential Data Expansion
  --> CWE-776 Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')
CAPEC-676 NoSQL Injection
  --> CWE-943 Improper Neutralization of Special Elements in Data Query Logic
  --> CWE-1286 Improper Validation of Syntactic Correctness of Input
CAPEC-679 Exploitation of Improperly Configured or Implemented Memory Protections
  --> CWE-1222 Insufficient Granularity of Address Regions Protected by Register Locks
  --> CWE-1252 CPU Hardware Not Configured to Support Exclusivity of Write and Execute Operations
  --> CWE-1257 Improper Access Control Applied to Mirrored or Aliased Memory Regions
  --> CWE-1260 Improper Handling of Overlap Between Protected Memory Ranges
  --> CWE-1274 Insufficient Protections on the Volatile Memory Containing Boot Code
  --> CWE-1282 Assumed-Immutable Data is Stored in Writable Memory
  --> CWE-1312 Missing Protection for Mirrored Regions in On-Chip Fabric Firewall
  --> CWE-1316 Fabric-Address Map Allows Programming of Unwarranted Overlaps of Protected and Unprotected Ranges
  --> CWE-1326 Missing Immutable Root of Trust in Hardware
CAPEC-680 Exploitation of Improperly Controlled Registers
  --> CWE-1224 Improper Restriction of Write-Once Bit Fields
  --> CWE-1231 Improper Implementation of Lock Protection Registers
  --> CWE-1233 Improper Hardware Lock Protection for Security Sensitive Controls
  --> CWE-1262 Register Interface Allows Software Access to Sensitive Data or Security Settings
  --> CWE-1283 Mutable Attestation or Measurement Reporting Data
CAPEC-681 Exploitation of Improperly Controlled Hardware Security Identifiers
  --> CWE-1259 Improper Restriction of Security Token Assignment
  --> CWE-1267 Policy Uses Obsolete Encoding
  --> CWE-1270 Generation of Incorrect Security Tokens
  --> CWE-1294 Insecure Security Identifier Mechanism
  --> CWE-1302 Missing Security Identifier

CAPEC --> CWE Mappings Removed
CAPEC-1 Accessing Functionality Not Properly Constrained by ACLs
  --> CWE-1191 Exposed Chip Debug and Test Interface With Insufficient or Missing Authorization
  --> CWE-1224 Improper Restriction of Write-Once Bit Fields
  --> CWE-1244 Improper Access to Sensitive Information Using Debug and Test Interfaces
  --> CWE-1252 CPU Hardware Not Configured to Support Exclusivity of Write and Execute Operations
  --> CWE-1257 Improper Access Control Applied to Mirrored or Aliased Memory Regions
  --> CWE-1262 Register Interface Allows Software Access to Sensitive Data or Security Settings
  --> CWE-1268 Policy Privileges are not Assigned Consistently Between Control and Data Agents
  --> CWE-1282 Assumed-Immutable Data is Stored in Writable Memory
  --> CWE-1283 Mutable Attestation or Measurement Reporting Data
  --> CWE-1299 Missing Protection Mechanism for Alternate Hardware Interface
  --> CWE-1302 Missing Security Identifier
  --> CWE-1312 Missing Protection for Mirrored Regions in On-Chip Fabric Firewall
  --> CWE-1313 Hardware Allows Activation of Test or Debug Logic at Runtime
  --> CWE-1326 Missing Immutable Root of Trust in Hardware
CAPEC-33 HTTP Request Smuggling
  --> CWE-707 Improper Neutralization
CAPEC-34 HTTP Response Splitting
  --> CWE-697 Incorrect Comparison
  --> CWE-707 Improper Neutralization
CAPEC-105 HTTP Request Splitting
  --> CWE-444 Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')
CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels
  --> CWE-1191 Exposed Chip Debug and Test Interface With Insufficient or Missing Authorization
  --> CWE-1222 Insufficient Granularity of Address Regions Protected by Register Locks
  --> CWE-1224 Improper Restriction of Write-Once Bit Fields
  --> CWE-1231 Improper Implementation of Lock Protection Registers
  --> CWE-1233 Improper Hardware Lock Protection for Security Sensitive Controls
  --> CWE-1234 Hardware Internal or Debug Modes Allow Override of Locks
  --> CWE-1244 Improper Access to Sensitive Information Using Debug and Test Interfaces
  --> CWE-1252 CPU Hardware Not Configured to Support Exclusivity of Write and Execute Operations
  --> CWE-1257 Improper Access Control Applied to Mirrored or Aliased Memory Regions
  --> CWE-1259 Improper Restriction of Security Token Assignment
  --> CWE-1260 Improper Handling of Overlap Between Protected Memory Ranges
  --> CWE-1262 Register Interface Allows Software Access to Sensitive Data or Security Settings
  --> CWE-1267 Policy Uses Obsolete Encoding
  --> CWE-1270 Generation of Incorrect Security Tokens
  --> CWE-1274 Insufficient Protections on the Volatile Memory Containing Boot Code
  --> CWE-1282 Assumed-Immutable Data is Stored in Writable Memory
  --> CWE-1294 Insecure Security Identifier Mechanism
  --> CWE-1296 Incorrect Chaining or Granularity of Debug Components
  --> CWE-1299 Missing Protection Mechanism for Alternate Hardware Interface
  --> CWE-1313 Hardware Allows Activation of Test or Debug Logic at Runtime
  --> CWE-1316 Fabric-Address Map Allows Programming of Unwarranted Overlaps of Protected and Unprotected Ranges
  --> CWE-1326 Missing Immutable Root of Trust in Hardware
CAPEC-197 XML Entity Expansion
  --> CWE-400 Uncontrolled Resource Consumption
CAPEC-236 Catching exception throw/signal from privileged block
  --> CWE-270 Privilege Context Switching Error

CAPEC --> CAPEC Mappings Added
CAPEC-33 HTTP Request Smuggling
CanPrecede   --> CAPEC-63 Cross-Site Scripting (XSS)
CanPrecede   --> CAPEC-115 Authentication Bypass
CanPrecede   --> CAPEC-141 Cache Poisoning
CanPrecede   --> CAPEC-148 Content Spoofing
CanPrecede   --> CAPEC-154 Resource Location Spoofing
PeerOf   --> CAPEC-273 HTTP Response Smuggling
CanPrecede   --> CAPEC-593 Session Hijacking
CAPEC-34 HTTP Response Splitting
CanPrecede   --> CAPEC-63 Cross-Site Scripting (XSS)
PeerOf   --> CAPEC-105 HTTP Request Splitting
CanPrecede   --> CAPEC-115 Authentication Bypass
CanPrecede   --> CAPEC-141 Cache Poisoning
CanPrecede   --> CAPEC-148 Content Spoofing
CanPrecede   --> CAPEC-154 Resource Location Spoofing
CanPrecede   --> CAPEC-593 Session Hijacking
CAPEC-67 String Format Overflow in syslog()
Has Child   --> CAPEC-135 Format String Injection
CAPEC-105 HTTP Request Splitting
CanPrecede   --> CAPEC-63 Cross-Site Scripting (XSS)
CanPrecede   --> CAPEC-115 Authentication Bypass
CanPrecede   --> CAPEC-141 Cache Poisoning
CanPrecede   --> CAPEC-148 Content Spoofing
CanPrecede   --> CAPEC-154 Resource Location Spoofing
CanPrecede   --> CAPEC-593 Session Hijacking
CAPEC-186 Malicious Software Update
CanFollow   --> CAPEC-98 Phishing
CAPEC-234 Hijacking a privileged process
CanFollow   --> CAPEC-100 Overflow Buffers
CanFollow   --> CAPEC-175 Code Inclusion
CanFollow   --> CAPEC-242 Code Injection
CAPEC-270 Modification of Registry Run Keys
CanPrecede   --> CAPEC-529 Malware-Directed Internal Reconnaissance
CanFollow   --> CAPEC-555 Remote Services with Stolen Credentials
CanPrecede   --> CAPEC-568 Capture Credentials via Keylogger
CanPrecede   --> CAPEC-646 Peripheral Footprinting
CAPEC-271 Schema Poisoning
CanFollow   --> CAPEC-94 Adversary in the Middle (AiTM)
CAPEC-273 HTTP Response Smuggling
CanPrecede   --> CAPEC-63 Cross-Site Scripting (XSS)
CanPrecede   --> CAPEC-115 Authentication Bypass
CanPrecede   --> CAPEC-141 Cache Poisoning
CanPrecede   --> CAPEC-148 Content Spoofing
CanPrecede   --> CAPEC-154 Resource Location Spoofing
CanPrecede   --> CAPEC-593 Session Hijacking
CAPEC-460 HTTP Parameter Pollution (HPP)
CanPrecede   --> CAPEC-676 NoSQL Injection
CAPEC-676 NoSQL Injection
Has Child   --> CAPEC-248 Command Injection
CAPEC-677 Server Functionality Compromise
Has Child   --> CAPEC-534 Malicious Hardware Update
CAPEC-678 System Build Data Maliciously Altered
Has Child   --> CAPEC-444 Development Alteration
CAPEC-679 Exploitation of Improperly Configured or Implemented Memory Protections
Has Child   --> CAPEC-1 Accessing Functionality Not Properly Constrained by ACLs
Has Child   --> CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels
CAPEC-680 Exploitation of Improperly Controlled Registers
Has Child   --> CAPEC-1 Accessing Functionality Not Properly Constrained by ACLs
Has Child   --> CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels
CAPEC-681 Exploitation of Improperly Controlled Hardware Security Identifiers
Has Child   --> CAPEC-1 Accessing Functionality Not Properly Constrained by ACLs
Has Child   --> CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels

CAPEC --> CAPEC Mappings Removed
CAPEC-236 Catching exception throw/signal from privileged block
Has Child   --> CAPEC-30 Hijacking a Privileged Thread of Execution
Page Last Updated or Reviewed: October 21, 2021