Home > CAPEC List > VIEW SLICE: CAPEC-483: Deprecated Entries(Version 3.0)  

CAPEC-483: Deprecated Entries

View ID: 483
Structure: Implicit
Status: Draft
Downloads: Booklet | CSV | XML
+ Objective
CAPEC nodes in this view (slice) have been deprecated.
+ Filter
/Attack_Pattern_Catalog/*/*[@Status='Deprecated']
+ Membership
NatureTypeIDName
HasMemberDeprecatedDeprecated56DEPRECATED: Removing/short-circuiting 'guard logic'
HasMemberDeprecatedDeprecated91DEPRECATED: XSS in IMG Tags
HasMemberDeprecatedDeprecated106DEPRECATED: XSS through Log Files
HasMemberDeprecatedDeprecated119DEPRECATED: Deplete Resources
HasMemberDeprecatedDeprecated171DEPRECATED: Variable Manipulation
HasMemberDeprecatedDeprecated205DEPRECATED: Lifting credential(s)/key material embedded in client distributions (thick or thin)
HasMemberDeprecatedDeprecated211DEPRECATED: Leveraging web tools (e.g. Mozilla's GreaseMonkey, Firebug) to change application behavior
HasMemberDeprecatedDeprecated213DEPRECATED: Directory Traversal
HasMemberDeprecatedDeprecated232DEPRECATED: Exploitation of Authorization
HasMemberDeprecatedDeprecated235DEPRECATED: Implementing a callback to system routine (old AWT Queue)
HasMemberDeprecatedDeprecated238DEPRECATED: Using URL/codebase / G.A.C. (code source) to convince sandbox of privilege
HasMemberDeprecatedDeprecated241DEPRECATED: Code Injection
HasMemberDeprecatedDeprecated246DEPRECATED: XSS Using Flash
HasMemberDeprecatedDeprecated249DEPRECATED: Linux Terminal Injection
HasMemberDeprecatedDeprecated254DEPRECATED: DTD Injection in a SOAP Message
HasMemberDeprecatedDeprecated257DEPRECATED: Abuse of Transaction Data Structure
HasMemberDeprecatedDeprecated258DEPRECATED: Passively Sniffing and Capturing Application Code Bound for an Authorized Client During Dynamic Update
HasMemberDeprecatedDeprecated259DEPRECATED: Passively Sniffing and Capturing Application Code Bound for an Authorized Client During Patching
HasMemberDeprecatedDeprecated260DEPRECATED: Passively Sniffing and Capturing Application Code Bound for an Authorized Client During Initial Distribution
HasMemberDeprecatedDeprecated264DEPRECATED: Environment Variable Manipulation
HasMemberDeprecatedDeprecated265DEPRECATED: Global variable manipulation
HasMemberDeprecatedDeprecated266DEPRECATED: Manipulate Canonicalization
HasMemberDeprecatedDeprecated269DEPRECATED: Registry Manipulation
HasMemberDeprecatedDeprecated280DEPRECATED: SOAP Parameter Tampering
HasMemberDeprecatedDeprecated281DEPRECATED: Analyze Target
HasMemberDeprecatedDeprecated286DEPRECATED: Reconnaissance
HasMemberDeprecatedDeprecated288DEPRECATED: ICMP Echo Request Ping
HasMemberDeprecatedDeprecated289DEPRECATED: Infrastructure-based footprinting
HasMemberDeprecatedDeprecated311DEPRECATED: OS Fingerprinting
HasMemberDeprecatedDeprecated314DEPRECATED: IP Fingerprinting Probes
HasMemberDeprecatedDeprecated315DEPRECATED: TCP/IP Fingerprinting Probes
HasMemberDeprecatedDeprecated316DEPRECATED: ICMP Fingerprinting Probes
HasMemberDeprecatedDeprecated334DEPRECATED: WASC Threat Classification 2.0 - WASC-01 - Insufficient Authentication
HasMemberDeprecatedDeprecated335DEPRECATED: WASC Threat Classification 2.0 - WASC-02 - Insufficient Authorization
HasMemberDeprecatedDeprecated337DEPRECATED: WASC Threat Classification 2.0 - WASC-04 - Insufficient Transport Layer Protection
HasMemberDeprecatedDeprecated346DEPRECATED: WASC Threat Classification 2.0 - WASC-13 - Information Leakage
HasMemberDeprecatedDeprecated347DEPRECATED: WASC Threat Classification 2.0 - WASC-14 - Server Misconfiguration
HasMemberDeprecatedDeprecated348DEPRECATED: WASC Threat Classification 2.0 - WASC-15 - Application Misconfiguration
HasMemberDeprecatedDeprecated349DEPRECATED: WASC Threat Classification 2.0 - WASC-16 - Directory Indexing
HasMemberDeprecatedDeprecated350DEPRECATED: WASC Threat Classification 2.0 - WASC-17 - Improper Filesystem Permissions
HasMemberDeprecatedDeprecated353DEPRECATED: WASC Threat Classification 2.0 - WASC-20 - Improper Input Handling
HasMemberDeprecatedDeprecated354DEPRECATED: WASC Threat Classification 2.0 - WASC-21 - Insufficient Anti-automation
HasMemberDeprecatedDeprecated355DEPRECATED: WASC Threat Classification 2.0 - WASC-22 - Improper Output Handling
HasMemberDeprecatedDeprecated373DEPRECATED: WASC Threat Classification 2.0 - WASC-40 - Insufficient Process Validation
HasMemberDeprecatedDeprecated380DEPRECATED: WASC Threat Classification 2.0 - WASC-47 - Insufficient Session Expiration
HasMemberDeprecatedDeprecated381DEPRECATED: WASC Threat Classification 2.0 - WASC-48 - Insecure Indexing
HasMemberDeprecatedDeprecated382DEPRECATED: WASC Threat Classification 2.0 - WASC-49 - Insufficient Password Recovery
HasMemberDeprecatedDeprecated404DEPRECATED: Social Information Gathering Attacks
HasMemberDeprecatedDeprecated405DEPRECATED: Social Information Gathering via Research
HasMemberDeprecatedDeprecated408DEPRECATED: Information Gathering from Traditional Sources
HasMemberDeprecatedDeprecated409DEPRECATED: Information Gathering from Non-Traditional Sources
HasMemberDeprecatedDeprecated411DEPRECATED: Pretexting
HasMemberDeprecatedDeprecated419DEPRECATED: Target Influence via Perception of Concession
HasMemberDeprecatedDeprecated430DEPRECATED: Target Influence via Micro-Expressions
HasMemberDeprecatedDeprecated431DEPRECATED: Target Influence via Neuro-Linguistic Programming (NLP)
HasMemberDeprecatedDeprecated432DEPRECATED: Target Influence via Voice in NLP
HasMemberDeprecatedDeprecated436DEPRECATED: Gain Physical Access
HasMemberDeprecatedDeprecated449DEPRECATED: Malware Propagation via USB Stick
HasMemberDeprecatedDeprecated450DEPRECATED: Malware Propagation via USB U3 Autorun
HasMemberDeprecatedDeprecated451DEPRECATED: Malware Propagation via Infected Peripheral Device
HasMemberDeprecatedDeprecated453DEPRECATED: Malicious Logic Insertion via Counterfeit Hardware
HasMemberDeprecatedDeprecated454DEPRECATED: Modification of Existing Components with Counterfeit Hardware
HasMemberDeprecatedDeprecated455DEPRECATED: Malicious Logic Insertion via Inclusion of Counterfeit Hardware Components
HasMemberDeprecatedDeprecated525DEPRECATED: Execute Code
HasMemberDeprecatedDeprecated526DEPRECATED: Alter System Components
HasMemberDeprecatedDeprecated527DEPRECATED: Manipulate System Users
HasMemberDeprecatedDeprecated557DEPRECATED: Schedule Software To Run
HasMemberDeprecatedDeprecated567DEPRECATED: Obtain Data via Utilities
HasMemberDeprecatedDeprecated570DEPRECATED: Signature-Based Avoidance
HasMemberDeprecatedDeprecated602DEPRECATED: Degradation
+ View Metrics
CAPECs in this view
Attack Patterns47
Categories23
Views0
Total70
+ Content History
Submissions
Submission DateSubmitterOrganization
2014-06-23CAPEC Content TeamThe MITRE Corporation
View Components
View Components
A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | X | Y | Z

CAPEC-430: DEPRECATED: Target Influence via Micro-Expressions

Attack Pattern ID: 430
Abstraction: Detailed
Status: Deprecated
Presentation Filter:
+ Description
This attack pattern has been deprecated.
+ Relationships

The table(s) below shows the other attack patterns and high level categories that are related to this attack pattern. These relationships are defined as ChildOf, ParentOf, MemberOf and give insight to similar items that may exist at higher and lower levels of abstraction. In addition, relationships such as CanFollow, PeerOf, and CanAlsoBe are defined to show similar attack patterns that the user may want to explore.

+ Content History
Submissions
Submission DateSubmitterOrganization
2014-06-23CAPEC Content TeamThe MITRE Corporation
Modifications
Modification DateModifierOrganization
2018-07-31CAPEC Content TeamThe MITRE Corporation
Updated Description Summary, References, Related_Attack_Patterns, Typical_Severity
Previous Entry Names
Change DatePrevious Entry Name
2018-07-31Target Influence via Micro-Expressions

CAPEC-431: DEPRECATED: Target Influence via Neuro-Linguistic Programming (NLP)

Attack Pattern ID: 431
Abstraction: Detailed
Status: Deprecated
Presentation Filter:
+ Description
This attack pattern has been deprecated.
+ Relationships

The table(s) below shows the other attack patterns and high level categories that are related to this attack pattern. These relationships are defined as ChildOf, ParentOf, MemberOf and give insight to similar items that may exist at higher and lower levels of abstraction. In addition, relationships such as CanFollow, PeerOf, and CanAlsoBe are defined to show similar attack patterns that the user may want to explore.

+ Content History
Submissions
Submission DateSubmitterOrganization
2014-06-23CAPEC Content TeamThe MITRE Corporation
Modifications
Modification DateModifierOrganization
2018-07-31CAPEC Content TeamThe MITRE Corporation
Updated Description Summary, References, Related_Attack_Patterns, Typical_Severity
Previous Entry Names
Change DatePrevious Entry Name
2018-07-31Target Influence via Neuro-Linguistic Programming (NLP)

CAPEC-432: DEPRECATED: Target Influence via Voice in NLP

Attack Pattern ID: 432
Abstraction: Detailed
Status: Deprecated
Presentation Filter:
+ Description
This attack pattern has been deprecated.
+ Relationships

The table(s) below shows the other attack patterns and high level categories that are related to this attack pattern. These relationships are defined as ChildOf, ParentOf, MemberOf and give insight to similar items that may exist at higher and lower levels of abstraction. In addition, relationships such as CanFollow, PeerOf, and CanAlsoBe are defined to show similar attack patterns that the user may want to explore.

+ Content History
Submissions
Submission DateSubmitterOrganization
2014-06-23CAPEC Content TeamThe MITRE Corporation
Modifications
Modification DateModifierOrganization
2018-07-31CAPEC Content TeamThe MITRE Corporation
Updated Description Summary, References, Related_Attack_Patterns, Typical_Severity
Previous Entry Names
Change DatePrevious Entry Name
2018-07-31Target Influence via Voice in NLP

CAPEC-257: DEPRECATED: Abuse of Transaction Data Structure

Attack Pattern ID: 257
Abstraction: Meta
Status: Deprecated
Presentation Filter:
+ Description
This attack pattern has been deprecated as it was deemed not to be a legitimate attack pattern.
+ Relationships

The table(s) below shows the other attack patterns and high level categories that are related to this attack pattern. These relationships are defined as ChildOf, ParentOf, MemberOf and give insight to similar items that may exist at higher and lower levels of abstraction. In addition, relationships such as CanFollow, PeerOf, and CanAlsoBe are defined to show similar attack patterns that the user may want to explore.

+ Content History
Submissions
Submission DateSubmitterOrganization
2014-06-23CAPEC Content TeamThe MITRE Corporation
Modifications
Modification DateModifierOrganization
2017-01-09CAPEC Content TeamThe MITRE Corporation
Updated Related_Attack_Patterns
2017-05-01CAPEC Content TeamThe MITRE Corporation
Updated Description, Description Summary
2018-07-31CAPEC Content TeamThe MITRE Corporation
Updated Description Summary
Previous Entry Names
Change DatePrevious Entry Name
2017-05-01Abuse of Transaction Data Structure

CAPEC-526: DEPRECATED: Alter System Components

Category ID: 526
 
Status: Deprecated
+ Summary
This category has been deprecated as it is no longer used in any view.
+ Content History
Submissions
Submission DateSubmitterOrganization
2014-06-23CAPEC Content TeamThe MITRE Corporation
Modifications
Modification DateModifierOrganization
2015-11-09CAPEC Content TeamThe MITRE Corporation
Updated Relationships
2017-01-09CAPEC Content TeamThe MITRE Corporation
Updated Relationships
2017-05-01CAPEC Content TeamThe MITRE Corporation
Updated Description
Previous Entry Names
Change DatePrevious Entry Name
2017-05-01Alter System Components

CAPEC-281: DEPRECATED: Analyze Target

Category ID: 281
 
Status: Deprecated
+ Summary
This category has been deprecated as it is no longer used in any view.
+ Content History
Submissions
Submission DateSubmitterOrganization
2014-06-23CAPEC Content TeamThe MITRE Corporation
Modifications
Modification DateModifierOrganization
2015-11-09CAPEC Content TeamThe MITRE Corporation
Updated Relationships
2017-01-09CAPEC Content TeamThe MITRE Corporation
Updated Relationships
2017-05-01CAPEC Content TeamThe MITRE Corporation
Updated Description, Other_Notes
Previous Entry Names
Change DatePrevious Entry Name
2017-05-01Analyze Target

CAPEC-241: DEPRECATED: Code Injection

Attack Pattern ID: 241
Abstraction: Meta
Status: Deprecated
Presentation Filter:
+ Description
This attack pattern has been deprecated as it is a duplicate of the existing attack pattern "CAPEC-242 : Code Injection". Please refer to this other CAPEC going forward.
+ Relationships

The table(s) below shows the other attack patterns and high level categories that are related to this attack pattern. These relationships are defined as ChildOf, ParentOf, MemberOf and give insight to similar items that may exist at higher and lower levels of abstraction. In addition, relationships such as CanFollow, PeerOf, and CanAlsoBe are defined to show similar attack patterns that the user may want to explore.

+ Content History
Submissions
Submission DateSubmitterOrganization
2014-06-23CAPEC Content TeamThe MITRE Corporation
Modifications
Modification DateModifierOrganization
2015-12-07CAPEC Content TeamThe MITRE Corporation
Updated Related_Attack_Patterns
2017-05-01CAPEC Content TeamThe MITRE Corporation
Updated Description, Description Summary
Previous Entry Names
Change DatePrevious Entry Name
2017-05-01Code Injection

CAPEC-602: DEPRECATED: Degradation

Attack Pattern ID: 602
Abstraction: Meta
Status: Deprecated
Presentation Filter:
+ Description
This attack pattern has been deprecated.
+ Relationships

The table(s) below shows the other attack patterns and high level categories that are related to this attack pattern. These relationships are defined as ChildOf, ParentOf, MemberOf and give insight to similar items that may exist at higher and lower levels of abstraction. In addition, relationships such as CanFollow, PeerOf, and CanAlsoBe are defined to show similar attack patterns that the user may want to explore.

+ Content History
Submissions
Submission DateSubmitterOrganization
2015-11-09CAPEC Content TeamThe MITRE Corporation
Modifications
Modification DateModifierOrganization
2017-05-01CAPEC Content TeamThe MITRE Corporation
Updated Description Summary
Previous Entry Names
Change DatePrevious Entry Name
2017-05-01Degradation

CAPEC-119: DEPRECATED: Deplete Resources

Category ID: 119
 
Status: Deprecated
+ Summary
This category has been deprecated as it is no longer used by any of the Views.
+ Content History
Submissions
Submission DateSubmitterOrganization
2014-06-23CAPEC Content TeamThe MITRE Corporation
Modifications
Modification DateModifierOrganization
2017-01-09CAPEC Content TeamThe MITRE Corporation
Updated Relationships
2017-05-01CAPEC Content TeamThe MITRE Corporation
Updated Attack_Prerequisites, Description, Related_Weaknesses, Resources_Required
Previous Entry Names
Change DatePrevious Entry Name
2017-05-01Deplete Resources

CAPEC-213: DEPRECATED: Directory Traversal

Attack Pattern ID: 213
Abstraction: Standard
Status: Deprecated
Presentation Filter:
+ Description
This attack pattern has been deprecated as it is a duplicate of the existing attack pattern "CAPEC-126 : Path Traversal". Please refer to this other CAPEC going forward.
+ Relationships

The table(s) below shows the other attack patterns and high level categories that are related to this attack pattern. These relationships are defined as ChildOf, ParentOf, MemberOf and give insight to similar items that may exist at higher and lower levels of abstraction. In addition, relationships such as CanFollow, PeerOf, and CanAlsoBe are defined to show similar attack patterns that the user may want to explore.

+ Content History
Submissions
Submission DateSubmitterOrganization
2014-06-23CAPEC Content TeamThe MITRE Corporation
Modifications
Modification DateModifierOrganization
2015-12-07CAPEC Content TeamThe MITRE Corporation
Updated Related_Attack_Patterns
2017-01-09CAPEC Content TeamThe MITRE Corporation
Updated Related_Attack_Patterns
2017-08-04CAPEC Content TeamThe MITRE Corporation
Updated Attack_Motivation-Consequences, Attack_Prerequisites, Attacker_Skills_or_Knowledge_Required, Description Summary, Related_Attack_Patterns, Related_Vulnerabilities, Related_Weaknesses, Resources_Required, Solutions_and_Mitigations
Previous Entry Names
Change DatePrevious Entry Name
2017-01-09Directory Traversal

CAPEC-254: DEPRECATED: DTD Injection in a SOAP Message

Attack Pattern ID: 254
Abstraction: Detailed
Status: Deprecated
Presentation Filter:
+ Description
This pattern has been deprecated as it was determined to be an unnecessary layer of abstraction. Please refer to the pattern CAPEC-228 : DTD Injection going forward.
+ Relationships

The table(s) below shows the other attack patterns and high level categories that are related to this attack pattern. These relationships are defined as ChildOf, ParentOf, MemberOf and give insight to similar items that may exist at higher and lower levels of abstraction. In addition, relationships such as CanFollow, PeerOf, and CanAlsoBe are defined to show similar attack patterns that the user may want to explore.

+ Content History
Submissions
Submission DateSubmitterOrganization
2014-06-23CAPEC Content TeamThe MITRE Corporation
Modifications
Modification DateModifierOrganization
2017-05-01CAPEC Content TeamThe MITRE Corporation
Updated Description, Description Summary, Related_Attack_Patterns
Previous Entry Names
Change DatePrevious Entry Name
2017-05-01DTD Injection in a SOAP Message

CAPEC-264: DEPRECATED: Environment Variable Manipulation

Attack Pattern ID: 264
Abstraction: Meta
Status: Deprecated
Presentation Filter:
+ Description
This attack pattern has been deprecated as it is a duplicate of the existing attack pattern "CAPEC-13 : Subverting Environment Variable Values". Please refer to this other CAPEC going forward.
+ Relationships

The table(s) below shows the other attack patterns and high level categories that are related to this attack pattern. These relationships are defined as ChildOf, ParentOf, MemberOf and give insight to similar items that may exist at higher and lower levels of abstraction. In addition, relationships such as CanFollow, PeerOf, and CanAlsoBe are defined to show similar attack patterns that the user may want to explore.

+ Content History
Submissions
Submission DateSubmitterOrganization
2014-06-23CAPEC Content TeamThe MITRE Corporation
Modifications
Modification DateModifierOrganization
2017-01-09CAPEC Content TeamThe MITRE Corporation
Updated Related_Attack_Patterns
2017-05-01CAPEC Content TeamThe MITRE Corporation
Updated Attack_Prerequisites, Description Summary, Related_Weaknesses, Resources_Required, Solutions_and_Mitigations
Previous Entry Names
Change DatePrevious Entry Name
2017-05-01Environment Variable Manipulation

CAPEC-525: DEPRECATED: Execute Code

Category ID: 525
 
Status: Deprecated
+ Summary
This category has been deprecated as it is no longer used in any view.
+ Content History
Submissions
Submission DateSubmitterOrganization
2014-06-23CAPEC Content TeamThe MITRE Corporation
Modifications
Modification DateModifierOrganization
2015-11-09CAPEC Content TeamThe MITRE Corporation
Updated Description, Relationships
2017-05-01CAPEC Content TeamThe MITRE Corporation
Updated Description, Relationships
Previous Entry Names
Change DatePrevious Entry Name
2015-11-09Malicious Code Execution
2017-05-01Execute Code

CAPEC-232: DEPRECATED: Exploitation of Authorization

Category ID: 232
 
Status: Deprecated
+ Summary
This category has been deprecated as it is no longer used by any of the Views.
+ Content History
Submissions
Submission DateSubmitterOrganization
2014-06-23CAPEC Content TeamThe MITRE Corporation
Modifications
Modification DateModifierOrganization
2015-12-07CAPEC Content TeamThe MITRE Corporation
Updated Related_Weaknesses, Relationships
2017-01-09CAPEC Content TeamThe MITRE Corporation
Updated Relationships
2017-05-01CAPEC Content TeamThe MITRE Corporation
Updated Description
Previous Entry Names
Change DatePrevious Entry Name
2017-05-01Exploitation of Authorization

CAPEC-436: DEPRECATED: Gain Physical Access

Category ID: 436
 
Status: Deprecated
+ Summary
This category has been deprecated as it is no longer used in any view.
+ Content History
Submissions
Submission DateSubmitterOrganization
2014-06-23CAPEC Content TeamThe MITRE Corporation
Modifications
Modification DateModifierOrganization
2017-01-09CAPEC Content TeamThe MITRE Corporation
Updated Relationships
2017-05-01CAPEC Content TeamThe MITRE Corporation
Updated Description
Previous Entry Names
Change DatePrevious Entry Name
2017-05-01Gain Physical Access

CAPEC-265: DEPRECATED: Global variable manipulation

Attack Pattern ID: 265
Abstraction: Meta
Status: Deprecated
Presentation Filter:
+ Description
This attack pattern has been deprecated as it is a duplicate of the existing attack pattern "CAPEC-77 : Manipulating User-Controlled Variables". Please refer to this other CAPEC going forward.
+ Relationships

The table(s) below shows the other attack patterns and high level categories that are related to this attack pattern. These relationships are defined as ChildOf, ParentOf, MemberOf and give insight to similar items that may exist at higher and lower levels of abstraction. In addition, relationships such as CanFollow, PeerOf, and CanAlsoBe are defined to show similar attack patterns that the user may want to explore.

+ Content History
Submissions
Submission DateSubmitterOrganization
2014-06-23CAPEC Content TeamThe MITRE Corporation
Modifications
Modification DateModifierOrganization
2017-01-09CAPEC Content TeamThe MITRE Corporation
Updated Related_Attack_Patterns
2017-05-01CAPEC Content TeamThe MITRE Corporation
Updated Attack_Prerequisites, Description Summary, Related_Weaknesses, Resources_Required, Solutions_and_Mitigations
Previous Entry Names
Change DatePrevious Entry Name
2017-05-01Global variable manipulation

CAPEC-288: DEPRECATED: ICMP Echo Request Ping

Attack Pattern ID: 288
Abstraction: Meta
Status: Deprecated
Presentation Filter:
+ Description
This attack pattern has been deprecated as it is a duplicate of the existing attack pattern "CAPEC-285". Please refer to this other CAPEC going forward.
+ Typical Severity

Low

+ Relationships

The table(s) below shows the other attack patterns and high level categories that are related to this attack pattern. These relationships are defined as ChildOf, ParentOf, MemberOf and give insight to similar items that may exist at higher and lower levels of abstraction. In addition, relationships such as CanFollow, PeerOf, and CanAlsoBe are defined to show similar attack patterns that the user may want to explore.

+ Content History
Submissions
Submission DateSubmitterOrganization
2014-06-23CAPEC Content TeamThe MITRE Corporation
Modifications
Modification DateModifierOrganization
2018-07-31CAPEC Content TeamThe MITRE Corporation
Updated Description Summary, References, Related_Attack_Patterns

CAPEC-316: DEPRECATED: ICMP Fingerprinting Probes

Attack Pattern ID: 316
Abstraction: Standard
Status: Deprecated
Presentation Filter:
+ Description
This pattern has been deprecated as it was determined to be an unnecessary layer of abstraction. Please refer to the standard level pattern CAPEC-312 : Active OS Fingerprinting going forward, or to any of the detailed patterns that are children of CAPEC-312.
+ Relationships

The table(s) below shows the other attack patterns and high level categories that are related to this attack pattern. These relationships are defined as ChildOf, ParentOf, MemberOf and give insight to similar items that may exist at higher and lower levels of abstraction. In addition, relationships such as CanFollow, PeerOf, and CanAlsoBe are defined to show similar attack patterns that the user may want to explore.

+ Content History
Submissions
Submission DateSubmitterOrganization
2014-06-23CAPEC Content TeamThe MITRE Corporation
Modifications
Modification DateModifierOrganization
2017-05-01CAPEC Content TeamThe MITRE Corporation
Updated Attack_Motivation-Consequences, Attack_Prerequisites, Description Summary, References, Related_Attack_Patterns, Target_Attack_Surface, Target_Attack_Surface_Localities, Target_Attack_Surface_Types, Target_Functional_Services, Targeted_OSI_Layers, Typical_Severity
2018-07-31CAPEC Content TeamThe MITRE Corporation
Updated Description Summary
Previous Entry Names
Change DatePrevious Entry Name
2017-05-01ICMP Fingerprinting Probes

CAPEC-235: DEPRECATED: Implementing a callback to system routine (old AWT Queue)

Attack Pattern ID: 235
Abstraction: Detailed
Status: Deprecated
Presentation Filter:
+ Description
This attack pattern has been deprecated. Please refer to CAPEC:30 - Hijacking a Privileged Thread of Execution.
+ Relationships

The table(s) below shows the other attack patterns and high level categories that are related to this attack pattern. These relationships are defined as ChildOf, ParentOf, MemberOf and give insight to similar items that may exist at higher and lower levels of abstraction. In addition, relationships such as CanFollow, PeerOf, and CanAlsoBe are defined to show similar attack patterns that the user may want to explore.

+ Content History
Submissions
Submission DateSubmitterOrganization
2014-06-23CAPEC Content TeamThe MITRE Corporation
Modifications
Modification DateModifierOrganization
2017-01-09CAPEC Content TeamThe MITRE Corporation
Updated Related_Attack_Patterns
2018-07-31CAPEC Content TeamThe MITRE Corporation
Updated Description, Description Summary, Related_Attack_Patterns
Previous Entry Names
Change DatePrevious Entry Name
2018-07-31Implementing a callback to system routine (old AWT Queue)

CAPEC-409: DEPRECATED: Information Gathering from Non-Traditional Sources

Attack Pattern ID: 409
Abstraction: Meta
Status: Deprecated
Presentation Filter:
+ Description
This attack pattern has been deprecated as it was deemed not to be a legitimate attack pattern. Please refer to CAPEC-118 : Collect and Analyze Information.
+ Relationships

The table(s) below shows the other attack patterns and high level categories that are related to this attack pattern. These relationships are defined as ChildOf, ParentOf, MemberOf and give insight to similar items that may exist at higher and lower levels of abstraction. In addition, relationships such as CanFollow, PeerOf, and CanAlsoBe are defined to show similar attack patterns that the user may want to explore.

+ Content History
Submissions
Submission DateSubmitterOrganization
2014-06-23CAPEC Content TeamThe MITRE Corporation
Modifications
Modification DateModifierOrganization
2017-08-04CAPEC Content TeamThe MITRE Corporation
Updated Description Summary, Related_Attack_Patterns, Typical_Severity
2018-07-31CAPEC Content TeamThe MITRE Corporation
Updated Description Summary, References
Previous Entry Names
Change DatePrevious Entry Name
2017-08-04Information Gathering from Non-Traditional Sources

CAPEC-408: DEPRECATED: Information Gathering from Traditional Sources

Attack Pattern ID: 408
Abstraction: Meta
Status: Deprecated
Presentation Filter:
+ Description
This attack pattern has been deprecated as it was deemed not to be a legitimate attack pattern. Please refer to CAPEC-118 : Collect and Analyze Information.
+ Relationships

The table(s) below shows the other attack patterns and high level categories that are related to this attack pattern. These relationships are defined as ChildOf, ParentOf, MemberOf and give insight to similar items that may exist at higher and lower levels of abstraction. In addition, relationships such as CanFollow, PeerOf, and CanAlsoBe are defined to show similar attack patterns that the user may want to explore.

+ Relevant to the view "Mechanisms of Attack" (CAPEC-1000)
NatureTypeIDName
ParentOfDetailed Attack PatternDetailed Attack Pattern - A detailed level attack pattern in CAPEC provides a low level of detail, typically leveraging a specific technique and targeting a specific technology, and expresses a complete execution flow. Detailed attack patterns are more specific than meta attack patterns and standard attack patterns and often require a specific protection mechanism to mitigate actual attacks. A detailed level attack pattern often will leverage a number of different standard level attack patterns chained together to accomplish a goal.467Cross Site Identification
+ Content History
Submissions
Submission DateSubmitterOrganization
2014-06-23CAPEC Content TeamThe MITRE Corporation
Modifications
Modification DateModifierOrganization
2017-08-04CAPEC Content TeamThe MITRE Corporation
Updated Description Summary, Related_Attack_Patterns, Typical_Severity
2018-07-31CAPEC Content TeamThe MITRE Corporation
Updated Description Summary, References
Previous Entry Names
Change DatePrevious Entry Name
2017-08-04Information Gathering from Traditional Sources

CAPEC-289: DEPRECATED: Infrastructure-based footprinting

Attack Pattern ID: 289
Abstraction: Meta
Status: Deprecated
Presentation Filter:
+ Description
This attack pattern has been deprecated as it was determined to be an unnecessary layer of abstraction. Please refer to the meta level pattern CAPEC-169 : going forward, or to any of its children patterns.
+ Relationships

The table(s) below shows the other attack patterns and high level categories that are related to this attack pattern. These relationships are defined as ChildOf, ParentOf, MemberOf and give insight to similar items that may exist at higher and lower levels of abstraction. In addition, relationships such as CanFollow, PeerOf, and CanAlsoBe are defined to show similar attack patterns that the user may want to explore.

+ Content History
Submissions
Submission DateSubmitterOrganization
2014-06-23CAPEC Content TeamThe MITRE Corporation
Modifications
Modification DateModifierOrganization
2017-01-09CAPEC Content TeamThe MITRE Corporation
Updated Related_Attack_Patterns
2018-07-31CAPEC Content TeamThe MITRE Corporation
Updated Attack_Motivation-Consequences, Attack_Prerequisites, Description Summary, References, Resources_Required, Target_Attack_Surface, Target_Attack_Surface_Localities, Target_Attack_Surface_Types, Targeted_OSI_Layers, Typical_Severity

CAPEC-314: DEPRECATED: IP Fingerprinting Probes

Attack Pattern ID: 314
Abstraction: Standard
Status: Deprecated
Presentation Filter:
+ Description
This pattern has been deprecated as it was determined to be an unnecessary layer of abstraction. Please refer to the standard level pattern CAPEC-312 : Active OS Fingerprinting going forward, or to any of the detailed patterns that children of CAPEC-312.
+ Relationships

The table(s) below shows the other attack patterns and high level categories that are related to this attack pattern. These relationships are defined as ChildOf, ParentOf, MemberOf and give insight to similar items that may exist at higher and lower levels of abstraction. In addition, relationships such as CanFollow, PeerOf, and CanAlsoBe are defined to show similar attack patterns that the user may want to explore.

+ Content History
Submissions
Submission DateSubmitterOrganization
2014-06-23CAPEC Content TeamThe MITRE Corporation
Modifications
Modification DateModifierOrganization
2017-05-01CAPEC Content TeamThe MITRE Corporation
Updated Attack_Motivation-Consequences, Attack_Prerequisites, Description Summary, References, Related_Attack_Patterns, Resources_Required, Target_Attack_Surface, Target_Attack_Surface_Localities, Target_Attack_Surface_Types, Target_Functional_Services, Targeted_OSI_Layers, Typical_Severity
Previous Entry Names
Change DatePrevious Entry Name
2017-05-01IP Fingerprinting Probes

CAPEC-211: DEPRECATED: Leveraging web tools (e.g. Mozilla's GreaseMonkey, Firebug) to change application behavior

Attack Pattern ID: 211
Abstraction: Detailed
Status: Deprecated
Presentation Filter:
+ Description
This attack pattern has been deprecated as it was deemed not to be a legitimate attack pattern.
+ Relationships

The table(s) below shows the other attack patterns and high level categories that are related to this attack pattern. These relationships are defined as ChildOf, ParentOf, MemberOf and give insight to similar items that may exist at higher and lower levels of abstraction. In addition, relationships such as CanFollow, PeerOf, and CanAlsoBe are defined to show similar attack patterns that the user may want to explore.

+ Content History
Submissions
Submission DateSubmitterOrganization
2014-06-23CAPEC Content TeamThe MITRE Corporation
Modifications
Modification DateModifierOrganization
2015-12-07CAPEC Content TeamThe MITRE Corporation
Updated Related_Attack_Patterns
2017-05-01CAPEC Content TeamThe MITRE Corporation
Updated Attack_Prerequisites, Description Summary, References, Related_Attack_Patterns, Resources_Required, Typical_Severity
2018-07-31CAPEC Content TeamThe MITRE Corporation
Updated Description Summary
Previous Entry Names
Change DatePrevious Entry Name
2017-05-01Leveraging web tools (e.g. Mozilla's GreaseMonkey, Firebug) to change application behavior

CAPEC-205: DEPRECATED: Lifting credential(s)/key material embedded in client distributions (thick or thin)

Attack Pattern ID: 205
Abstraction: Detailed
Status: Deprecated
Presentation Filter:
+ Description
This attack pattern has been deprecated as it is a duplicate of CAPEC-37 : Retrieve Embedded Sensitive Data. Please refer to this other pattern going forward.
+ Relationships

The table(s) below shows the other attack patterns and high level categories that are related to this attack pattern. These relationships are defined as ChildOf, ParentOf, MemberOf and give insight to similar items that may exist at higher and lower levels of abstraction. In addition, relationships such as CanFollow, PeerOf, and CanAlsoBe are defined to show similar attack patterns that the user may want to explore.

+ Content History
Submissions
Submission DateSubmitterOrganization
2014-06-23CAPEC Content TeamThe MITRE Corporation
Modifications
Modification DateModifierOrganization
2015-11-09CAPEC Content TeamThe MITRE Corporation
Updated Related_Attack_Patterns
2017-05-01CAPEC Content TeamThe MITRE Corporation
Updated Architectural_Paradigms, Attack_Motivation-Consequences, Attack_Phases, Attack_Prerequisites, Attacker_Skills_or_Knowledge_Required, CIA_Impact, Description, Description Summary, Examples-Instances, Frameworks, Methods_of_Attack, Platforms, Purposes, Related_Attack_Patterns, Related_Vulnerabilities, Related_Weaknesses, Resources_Required, Solutions_and_Mitigations, Technical_Context, Typical_Likelihood_of_Exploit, Typical_Severity
Previous Entry Names
Change DatePrevious Entry Name
2017-05-01Lifting credential(s)/key material embedded in client distributions (thick or thin)

CAPEC-249: DEPRECATED: Linux Terminal Injection

Attack Pattern ID: 249
Abstraction: Standard
Status: Deprecated
Presentation Filter:
+ Description
This attack pattern has been deprecated as it is covered by "CAPEC-40 : Manipulating Writeable Terminal Devices". Please refer to this CAPEC going forward.
+ Relationships

The table(s) below shows the other attack patterns and high level categories that are related to this attack pattern. These relationships are defined as ChildOf, ParentOf, MemberOf and give insight to similar items that may exist at higher and lower levels of abstraction. In addition, relationships such as CanFollow, PeerOf, and CanAlsoBe are defined to show similar attack patterns that the user may want to explore.

+ Content History
Submissions
Submission DateSubmitterOrganization
2014-06-23CAPEC Content TeamThe MITRE Corporation
Modifications
Modification DateModifierOrganization
2018-07-31CAPEC Content TeamThe MITRE Corporation
Updated Description Summary, References, Related_Attack_Patterns
Previous Entry Names
Change DatePrevious Entry Name
2018-07-31Linux Terminal Injection

CAPEC-453: DEPRECATED: Malicious Logic Insertion via Counterfeit Hardware

Attack Pattern ID: 453
Abstraction: Standard
Status: Deprecated
Presentation Filter:
+ Description
This attack pattern has been deprecated as it is a duplicate of CAPEC-452 : Malicious Logic Insertion into Product Hardware. Please refer to this other pattern going forward.
+ Relationships

The table(s) below shows the other attack patterns and high level categories that are related to this attack pattern. These relationships are defined as ChildOf, ParentOf, MemberOf and give insight to similar items that may exist at higher and lower levels of abstraction. In addition, relationships such as CanFollow, PeerOf, and CanAlsoBe are defined to show similar attack patterns that the user may want to explore.

+ Content History
Submissions
Submission DateSubmitterOrganization
2014-06-23CAPEC Content TeamThe MITRE Corporation
Modifications
Modification DateModifierOrganization
2015-11-09CAPEC Content TeamThe MITRE Corporation
Updated Related_Attack_Patterns
2017-05-01CAPEC Content TeamThe MITRE Corporation
Updated Description Summary, References, Related_Attack_Patterns
Previous Entry Names
Change DatePrevious Entry Name
2017-05-01Malicious Logic Insertion via Counterfeit Hardware

CAPEC-455: DEPRECATED: Malicious Logic Insertion via Inclusion of Counterfeit Hardware Components

Attack Pattern ID: 455
Abstraction: Detailed
Status: Deprecated
Presentation Filter:
+ Description
This attack pattern has been deprecated as it is a duplicate of CAPEC-457 : Malicious Logic Insertion into Product Hardware. Please refer to this other pattern going forward.
+ Relationships

The table(s) below shows the other attack patterns and high level categories that are related to this attack pattern. These relationships are defined as ChildOf, ParentOf, MemberOf and give insight to similar items that may exist at higher and lower levels of abstraction. In addition, relationships such as CanFollow, PeerOf, and CanAlsoBe are defined to show similar attack patterns that the user may want to explore.

+ Content History
Submissions
Submission DateSubmitterOrganization
2014-06-23CAPEC Content TeamThe MITRE Corporation
Modifications
Modification DateModifierOrganization
2015-11-09CAPEC Content TeamThe MITRE Corporation
Updated Related_Attack_Patterns
2017-05-01CAPEC Content TeamThe MITRE Corporation
Updated Attack_Prerequisites, Description Summary, Examples-Instances, References, Related_Attack_Patterns
Previous Entry Names
Change DatePrevious Entry Name
2017-05-01Malicious Logic Insertion via Inclusion of Counterfeit Hardware Components

CAPEC-451: DEPRECATED: Malware Propagation via Infected Peripheral Device

Attack Pattern ID: 451
Abstraction: Detailed
Status: Deprecated
Presentation Filter:
+ Description
This attack pattern has been deprecated as it is a duplicate of CAPEC-448 : Malware Infection into Product Software. Please refer to this other pattern going forward.
+ Relationships

The table(s) below shows the other attack patterns and high level categories that are related to this attack pattern. These relationships are defined as ChildOf, ParentOf, MemberOf and give insight to similar items that may exist at higher and lower levels of abstraction. In addition, relationships such as CanFollow, PeerOf, and CanAlsoBe are defined to show similar attack patterns that the user may want to explore.

+ Content History
Submissions
Submission DateSubmitterOrganization
2014-06-23CAPEC Content TeamThe MITRE Corporation
Modifications
Modification DateModifierOrganization
2015-11-09CAPEC Content TeamThe MITRE Corporation
Updated Related_Attack_Patterns
2017-05-01CAPEC Content TeamThe MITRE Corporation
Updated Description Summary, Related_Attack_Patterns
2018-07-31CAPEC Content TeamThe MITRE Corporation
Updated References
Previous Entry Names
Change DatePrevious Entry Name
2017-05-01Malware Propagation via Infected Peripheral Device

CAPEC-449: DEPRECATED: Malware Propagation via USB Stick

Attack Pattern ID: 449
Abstraction: Detailed
Status: Deprecated
Presentation Filter:
+ Description
This attack pattern has been deprecated as it is a duplicate of CAPEC-448 : Malware Infection into Product Software. Please refer to this other pattern going forward.
+ Relationships

The table(s) below shows the other attack patterns and high level categories that are related to this attack pattern. These relationships are defined as ChildOf, ParentOf, MemberOf and give insight to similar items that may exist at higher and lower levels of abstraction. In addition, relationships such as CanFollow, PeerOf, and CanAlsoBe are defined to show similar attack patterns that the user may want to explore.

+ Content History
Submissions
Submission DateSubmitterOrganization
2014-06-23CAPEC Content TeamThe MITRE Corporation
Modifications
Modification DateModifierOrganization
2015-11-09CAPEC Content TeamThe MITRE Corporation
Updated Related_Attack_Patterns
2017-05-01CAPEC Content TeamThe MITRE Corporation
Updated Attack_Prerequisites, Description Summary, Examples-Instances, References, Related_Attack_Patterns
Previous Entry Names
Change DatePrevious Entry Name
2017-05-01Malware Propagation via USB Stick

CAPEC-450: DEPRECATED: Malware Propagation via USB U3 Autorun

Attack Pattern ID: 450
Abstraction: Standard
Status: Deprecated
Presentation Filter:
+ Description
This attack pattern has been deprecated as it is a duplicate of CAPEC-448 : Malware Infection into Product Software. Please refer to this other pattern going forward.
+ Relationships

The table(s) below shows the other attack patterns and high level categories that are related to this attack pattern. These relationships are defined as ChildOf, ParentOf, MemberOf and give insight to similar items that may exist at higher and lower levels of abstraction. In addition, relationships such as CanFollow, PeerOf, and CanAlsoBe are defined to show similar attack patterns that the user may want to explore.

+ Content History
Submissions
Submission DateSubmitterOrganization
2014-06-23CAPEC Content TeamThe MITRE Corporation
Modifications
Modification DateModifierOrganization
2015-11-09CAPEC Content TeamThe MITRE Corporation
Updated Related_Attack_Patterns
2017-05-01CAPEC Content TeamThe MITRE Corporation
Updated Description Summary, References, Related_Attack_Patterns
Previous Entry Names
Change DatePrevious Entry Name
2017-05-01Malware Propagation via USB U3 Autorun

CAPEC-266: DEPRECATED: Manipulate Canonicalization

Attack Pattern ID: 266
Abstraction: Meta
Status: Deprecated
Presentation Filter:
+ Description
This attack pattern has been deprecated.
+ Relationships

The table(s) below shows the other attack patterns and high level categories that are related to this attack pattern. These relationships are defined as ChildOf, ParentOf, MemberOf and give insight to similar items that may exist at higher and lower levels of abstraction. In addition, relationships such as CanFollow, PeerOf, and CanAlsoBe are defined to show similar attack patterns that the user may want to explore.

+ Content History
Submissions
Submission DateSubmitterOrganization
2014-06-23CAPEC Content TeamThe MITRE Corporation
Modifications
Modification DateModifierOrganization
2017-01-09CAPEC Content TeamThe MITRE Corporation
Updated Related_Attack_Patterns
2017-05-01CAPEC Content TeamThe MITRE Corporation
Updated Description, Description Summary
Previous Entry Names
Change DatePrevious Entry Name
2017-05-01Manipulate Canonicalization

CAPEC-527: DEPRECATED: Manipulate System Users

Category ID: 527
 
Status: Deprecated
+ Summary
This category has been deprecated as it is no longer used in any view.
+ Content History
Submissions
Submission DateSubmitterOrganization
2014-06-23CAPEC Content TeamThe MITRE Corporation
Modifications
Modification DateModifierOrganization
2017-05-01CAPEC Content TeamThe MITRE Corporation
Updated Description
2017-08-04CAPEC Content TeamThe MITRE Corporation
Updated Relationships
Previous Entry Names
Change DatePrevious Entry Name
2017-05-01Manipulate System Users

CAPEC-454: DEPRECATED: Modification of Existing Components with Counterfeit Hardware

Attack Pattern ID: 454
Abstraction: Detailed
Status: Deprecated
Presentation Filter:
+ Description
This attack pattern has been deprecated as it is a duplicate of CAPEC-452 : Malicious Logic Insertion into Product Hardware. Please refer to this other pattern going forward.
+ Relationships

The table(s) below shows the other attack patterns and high level categories that are related to this attack pattern. These relationships are defined as ChildOf, ParentOf, MemberOf and give insight to similar items that may exist at higher and lower levels of abstraction. In addition, relationships such as CanFollow, PeerOf, and CanAlsoBe are defined to show similar attack patterns that the user may want to explore.

+ Content History
Submissions
Submission DateSubmitterOrganization
2014-06-23CAPEC Content TeamThe MITRE Corporation
Modifications
Modification DateModifierOrganization
2015-11-09CAPEC Content TeamThe MITRE Corporation
Updated Related_Attack_Patterns
2017-05-01CAPEC Content TeamThe MITRE Corporation
Updated Attack_Prerequisites, Description Summary, References, Related_Attack_Patterns
Previous Entry Names
Change DatePrevious Entry Name
2017-05-01Modification of Existing Components with Counterfeit Hardware

CAPEC-567: DEPRECATED: Obtain Data via Utilities

Attack Pattern ID: 567
Abstraction: Standard
Status: Deprecated
Presentation Filter:
+ Description
This CAPEC has been deprecated because of is not directly related to a weakness, social engineering, supply chains, or a physical-based attack.
+ Relationships

The table(s) below shows the other attack patterns and high level categories that are related to this attack pattern. These relationships are defined as ChildOf, ParentOf, MemberOf and give insight to similar items that may exist at higher and lower levels of abstraction. In addition, relationships such as CanFollow, PeerOf, and CanAlsoBe are defined to show similar attack patterns that the user may want to explore.

+ Relevant to the view "Mechanisms of Attack" (CAPEC-1000)
NatureTypeIDName
ParentOfDetailed Attack PatternDetailed Attack Pattern - A detailed level attack pattern in CAPEC provides a low level of detail, typically leveraging a specific technique and targeting a specific technology, and expresses a complete execution flow. Detailed attack patterns are more specific than meta attack patterns and standard attack patterns and often require a specific protection mechanism to mitigate actual attacks. A detailed level attack pattern often will leverage a number of different standard level attack patterns chained together to accomplish a goal.383Harvesting Information via API Event Monitoring
ParentOfDetailed Attack PatternDetailed Attack Pattern - A detailed level attack pattern in CAPEC provides a low level of detail, typically leveraging a specific technique and targeting a specific technology, and expresses a complete execution flow. Detailed attack patterns are more specific than meta attack patterns and standard attack patterns and often require a specific protection mechanism to mitigate actual attacks. A detailed level attack pattern often will leverage a number of different standard level attack patterns chained together to accomplish a goal.566Dump Password Hashes
+ Content History
Submissions
Submission DateSubmitterOrganization
2015-11-09CAPEC Content TeamThe MITRE Corporation
Modifications
Modification DateModifierOrganization
2018-07-31CAPEC Content TeamThe MITRE Corporation
Updated Description Summary, References, Related_Attack_Patterns
Previous Entry Names
Change DatePrevious Entry Name
2018-07-31Obtain Data via Utilities

CAPEC-311: DEPRECATED: OS Fingerprinting

Attack Pattern ID: 311
Abstraction: Standard
Status: Deprecated
Presentation Filter:
+ Description
This pattern has been deprecated as it was determined to be an unnecessary layer of abstraction. Please refer to the standard level patterns CAPEC-312 : Active OS Fingerprinting or CAPEC-313 : Passive OS Fingerprinting going forward, or to any of the detailed patterns that are children of them.
+ Relationships

The table(s) below shows the other attack patterns and high level categories that are related to this attack pattern. These relationships are defined as ChildOf, ParentOf, MemberOf and give insight to similar items that may exist at higher and lower levels of abstraction. In addition, relationships such as CanFollow, PeerOf, and CanAlsoBe are defined to show similar attack patterns that the user may want to explore.

+ Content History
Submissions
Submission DateSubmitterOrganization
2014-06-23CAPEC Content TeamThe MITRE Corporation
Modifications
Modification DateModifierOrganization
2015-11-09CAPEC Content TeamThe MITRE Corporation
Updated References
2017-05-01CAPEC Content TeamThe MITRE Corporation
Updated Attack_Motivation-Consequences, Attack_Prerequisites, Description Summary, References, Related_Attack_Patterns, Resources_Required, Target_Attack_Surface, Target_Attack_Surface_Localities, Target_Attack_Surface_Types, Target_Functional_Services, Targeted_OSI_Layers, Typical_Severity
2018-07-31CAPEC Content TeamThe MITRE Corporation
Updated Description Summary
Previous Entry Names
Change DatePrevious Entry Name
2017-05-01OS Fingerprinting

CAPEC-258: DEPRECATED: Passively Sniffing and Capturing Application Code Bound for an Authorized Client During Dynamic Update

Attack Pattern ID: 258
Abstraction: Detailed
Status: Deprecated
Presentation Filter:
+ Description
This attack pattern has been deprecated as it is a duplicate of the existing attack pattern "CAPEC-65 : Sniff Application Code". Please refer to this other CAPEC going forward.
+ Relationships

The table(s) below shows the other attack patterns and high level categories that are related to this attack pattern. These relationships are defined as ChildOf, ParentOf, MemberOf and give insight to similar items that may exist at higher and lower levels of abstraction. In addition, relationships such as CanFollow, PeerOf, and CanAlsoBe are defined to show similar attack patterns that the user may want to explore.

+ Content History
Submissions
Submission DateSubmitterOrganization
2014-06-23CAPEC Content TeamThe MITRE Corporation
Modifications
Modification DateModifierOrganization
2017-01-09CAPEC Content TeamThe MITRE Corporation
Updated Related_Attack_Patterns
2017-08-04CAPEC Content TeamThe MITRE Corporation
Updated Architectural_Paradigms, Attack_Motivation-Consequences, Attack_Phases, Attack_Prerequisites, Attacker_Skills_or_Knowledge_Required, CIA_Impact, Description, Description Summary, Examples-Instances, Frameworks, Languages, Methods_of_Attack, Platforms, Purposes, Related_Attack_Patterns, Related_Weaknesses, Resources_Required, Solutions_and_Mitigations, Technical_Context, Typical_Likelihood_of_Exploit, Typical_Severity
Previous Entry Names
Change DatePrevious Entry Name
2017-01-09Passively Sniffing and Capturing Application Code Bound for an Authorized Client During Dynamic Update

CAPEC-260: DEPRECATED: Passively Sniffing and Capturing Application Code Bound for an Authorized Client During Initial Distribution

Attack Pattern ID: 260
Abstraction: Detailed
Status: Deprecated
Presentation Filter:
+ Description
This attack pattern has been deprecated as it is a duplicate of the existing attack pattern "CAPEC-65 : Sniff Application Code". Please refer to this other CAPEC going forward.
+ Relationships

The table(s) below shows the other attack patterns and high level categories that are related to this attack pattern. These relationships are defined as ChildOf, ParentOf, MemberOf and give insight to similar items that may exist at higher and lower levels of abstraction. In addition, relationships such as CanFollow, PeerOf, and CanAlsoBe are defined to show similar attack patterns that the user may want to explore.

+ Content History
Submissions
Submission DateSubmitterOrganization
2014-06-23CAPEC Content TeamThe MITRE Corporation
Modifications
Modification DateModifierOrganization
2017-01-09CAPEC Content TeamThe MITRE Corporation
Updated Related_Attack_Patterns
2017-08-04CAPEC Content TeamThe MITRE Corporation
Updated Architectural_Paradigms, Attack_Motivation-Consequences, Attack_Phases, Attack_Prerequisites, Attacker_Skills_or_Knowledge_Required, CIA_Impact, Description, Description Summary, Examples-Instances, Frameworks, Languages, Methods_of_Attack, Platforms, Purposes, Related_Attack_Patterns, Related_Weaknesses, Resources_Required, Solutions_and_Mitigations, Technical_Context, Typical_Likelihood_of_Exploit, Typical_Severity
Previous Entry Names
Change DatePrevious Entry Name
2017-01-09Passively Sniffing and Capturing Application Code Bound for an Authorized Client During Initial Distribution

CAPEC-259: DEPRECATED: Passively Sniffing and Capturing Application Code Bound for an Authorized Client During Patching

Attack Pattern ID: 259
Abstraction: Standard
Status: Deprecated
Presentation Filter:
+ Description
This attack pattern has been deprecated as it is a duplicate of the existing attack pattern "CAPEC-65 : Sniff Application Code". Please refer to this other CAPEC going forward.
+ Relationships

The table(s) below shows the other attack patterns and high level categories that are related to this attack pattern. These relationships are defined as ChildOf, ParentOf, MemberOf and give insight to similar items that may exist at higher and lower levels of abstraction. In addition, relationships such as CanFollow, PeerOf, and CanAlsoBe are defined to show similar attack patterns that the user may want to explore.

+ Content History
Submissions
Submission DateSubmitterOrganization
2014-06-23CAPEC Content TeamThe MITRE Corporation
Modifications
Modification DateModifierOrganization
2017-01-09CAPEC Content TeamThe MITRE Corporation
Updated Related_Attack_Patterns
2017-08-04CAPEC Content TeamThe MITRE Corporation
Updated Architectural_Paradigms, Attack_Motivation-Consequences, Attack_Phases, Attack_Prerequisites, Attacker_Skills_or_Knowledge_Required, CIA_Impact, Description, Description Summary, Examples-Instances, Frameworks, Languages, Methods_of_Attack, Platforms, Purposes, Related_Attack_Patterns, Related_Weaknesses, Resources_Required, Solutions_and_Mitigations, Technical_Context, Typical_Likelihood_of_Exploit, Typical_Severity
Previous Entry Names
Change DatePrevious Entry Name
2017-01-09Passively Sniffing and Capturing Application Code Bound for an Authorized Client During Patching

CAPEC-411: DEPRECATED: Pretexting

Attack Pattern ID: 411
Abstraction: Meta
Status: Deprecated
Presentation Filter:
+ Description
This attack pattern has been deprecated as it is a duplicate of the existing attack pattern "CAPEC-407 : Social Information Gathering via Pretexting". Please refer to this other CAPEC going forward.
+ Relationships

The table(s) below shows the other attack patterns and high level categories that are related to this attack pattern. These relationships are defined as ChildOf, ParentOf, MemberOf and give insight to similar items that may exist at higher and lower levels of abstraction. In addition, relationships such as CanFollow, PeerOf, and CanAlsoBe are defined to show similar attack patterns that the user may want to explore.

+ Content History
Submissions
Submission DateSubmitterOrganization
2014-06-23CAPEC Content TeamThe MITRE Corporation
Modifications
Modification DateModifierOrganization
2017-08-04CAPEC Content TeamThe MITRE Corporation
Updated Description Summary, References, Related_Attack_Patterns, Typical_Severity

CAPEC-286: DEPRECATED: Reconnaissance

Category ID: 286
 
Status: Deprecated
+ Summary
This category has been deprecated as it is no longer used in any view.
+ Content History
Submissions
Submission DateSubmitterOrganization
2014-06-23CAPEC Content TeamThe MITRE Corporation
Modifications
Modification DateModifierOrganization
2017-01-09CAPEC Content TeamThe MITRE Corporation
Updated Relationships
2017-05-01CAPEC Content TeamThe MITRE Corporation
Updated Description
Previous Entry Names
Change DatePrevious Entry Name
2017-05-01Reconnaissance

CAPEC-269: DEPRECATED: Registry Manipulation

Attack Pattern ID: 269
Abstraction: Meta
Status: Deprecated
Presentation Filter:
+ Description
This pattern has been deprecated as it was determined to be a duplicate of another pattern. Please refer to the pattern CAPEC-203 : Manipulate Application Registry Values going forward.
+ Relationships

The table(s) below shows the other attack patterns and high level categories that are related to this attack pattern. These relationships are defined as ChildOf, ParentOf, MemberOf and give insight to similar items that may exist at higher and lower levels of abstraction. In addition, relationships such as CanFollow, PeerOf, and CanAlsoBe are defined to show similar attack patterns that the user may want to explore.

+ Content History
Submissions
Submission DateSubmitterOrganization
2014-06-23CAPEC Content TeamThe MITRE Corporation
Modifications
Modification DateModifierOrganization
2017-05-01CAPEC Content TeamThe MITRE Corporation
Updated Description, Description Summary, Related_Attack_Patterns

CAPEC-56: DEPRECATED: Removing/short-circuiting 'guard logic'

Attack Pattern ID: 56
Abstraction: Standard
Status: Deprecated
Presentation Filter:
+ Description
This attack pattern has been deprecated as it is a duplicate of CAPEC-207 : Removing Important Client Functionality. Please refer to this other pattern going forward.
+ Relationships

The table(s) below shows the other attack patterns and high level categories that are related to this attack pattern. These relationships are defined as ChildOf, ParentOf, MemberOf and give insight to similar items that may exist at higher and lower levels of abstraction. In addition, relationships such as CanFollow, PeerOf, and CanAlsoBe are defined to show similar attack patterns that the user may want to explore.

+ Content History
Submissions
Submission DateSubmitterOrganization
2014-06-23CAPEC Content TeamThe MITRE Corporation
Modifications
Modification DateModifierOrganization
2015-12-07CAPEC Content TeamThe MITRE Corporation
Updated Related_Attack_Patterns
2017-05-01CAPEC Content TeamThe MITRE Corporation
Updated Activation_Zone, Architectural_Paradigms, Attack_Motivation-Consequences, Attack_Phases, Attack_Prerequisites, Attacker_Skills_or_Knowledge_Required, CIA_Impact, Description, Description Summary, Examples-Instances, Frameworks, Injection_Vector, Languages, Payload, Payload_Activation_Impact, Platforms, Probing_Techniques, Purposes, Related_Attack_Patterns, Related_Guidelines, Related_Security_Principles, Related_Vulnerabilities, Related_Weaknesses, Resources_Required, Technical_Context, Typical_Likelihood_of_Exploit, Typical_Severity
Previous Entry Names
Change DatePrevious Entry Name
2017-05-01Removing/short-circuiting 'guard logic'

CAPEC-557: DEPRECATED: Schedule Software To Run

Attack Pattern ID: 557
Abstraction: Detailed
Status: Deprecated
Presentation Filter:
+ Description
This CAPEC has been deprecated because of is not directly related to a weakness, social engineering, supply chains, or a physical-based attack.
+ Relationships

The table(s) below shows the other attack patterns and high level categories that are related to this attack pattern. These relationships are defined as ChildOf, ParentOf, MemberOf and give insight to similar items that may exist at higher and lower levels of abstraction. In addition, relationships such as CanFollow, PeerOf, and CanAlsoBe are defined to show similar attack patterns that the user may want to explore.

+ Content History
Submissions
Submission DateSubmitterOrganization
2015-11-09CAPEC Content TeamThe MITRE Corporation
Modifications
Modification DateModifierOrganization
2018-07-31CAPEC Content TeamThe MITRE Corporation
Updated Description Summary, References, Related_Attack_Patterns, Solutions_and_Mitigations
Previous Entry Names
Change DatePrevious Entry Name
2018-07-31Schedule Software To Run

CAPEC-570: DEPRECATED: Signature-Based Avoidance

Attack Pattern ID: 570
Abstraction: Detailed
Status: Deprecated
Presentation Filter:
+ Description
This CAPEC has been deprecated because of is not directly related to a weakness, social engineering, supply chains, or a physical-based attack.
+ Relationships

The table(s) below shows the other attack patterns and high level categories that are related to this attack pattern. These relationships are defined as ChildOf, ParentOf, MemberOf and give insight to similar items that may exist at higher and lower levels of abstraction. In addition, relationships such as CanFollow, PeerOf, and CanAlsoBe are defined to show similar attack patterns that the user may want to explore.

+ Content History
Submissions
Submission DateSubmitterOrganization
2015-11-09CAPEC Content TeamThe MITRE Corporation
Modifications
Modification DateModifierOrganization
2018-07-31CAPEC Content TeamThe MITRE Corporation
Updated Description Summary, References, Related_Attack_Patterns, Solutions_and_Mitigations
Previous Entry Names
Change DatePrevious Entry Name
2018-07-31Signature-Based Avoidance

CAPEC-280: DEPRECATED: SOAP Parameter Tampering

Attack Pattern ID: 280
Abstraction: Detailed
Status: Deprecated
Presentation Filter:
+ Description
This attack pattern has been deprecated as its contents have been included in CAPEC-279 : SOAP Manipulation. Please refer to this other pattern going forward.
+ Relationships

The table(s) below shows the other attack patterns and high level categories that are related to this attack pattern. These relationships are defined as ChildOf, ParentOf, MemberOf and give insight to similar items that may exist at higher and lower levels of abstraction. In addition, relationships such as CanFollow, PeerOf, and CanAlsoBe are defined to show similar attack patterns that the user may want to explore.

+ Relevant to the view "Mechanisms of Attack" (CAPEC-1000)
NatureTypeIDName
+ Content History
Submissions
Submission DateSubmitterOrganization
2014-06-23CAPEC Content TeamThe MITRE Corporation
Modifications
Modification DateModifierOrganization
2018-07-31CAPEC Content TeamThe MITRE Corporation
Updated Attack_Prerequisites, Description Summary, References, Related_Attack_Patterns, Resources_Required, Typical_Severity
Previous Entry Names
Change DatePrevious Entry Name
2018-07-31SOAP Parameter Tampering

CAPEC-404: DEPRECATED: Social Information Gathering Attacks

Attack Pattern ID: 404
Abstraction: Meta
Status: Deprecated
Presentation Filter:
+ Description
This attack pattern has been deprecated as it was deemed not to be a legitimate attack pattern. Please refer to CAPEC-118 : Collect and Analyze Information.
+ Relationships

The table(s) below shows the other attack patterns and high level categories that are related to this attack pattern. These relationships are defined as ChildOf, ParentOf, MemberOf and give insight to similar items that may exist at higher and lower levels of abstraction. In addition, relationships such as CanFollow, PeerOf, and CanAlsoBe are defined to show similar attack patterns that the user may want to explore.

+ References
[REF-348] "The Official Social Engineering Portal". Social-Engineer.org. Tick Tock Computers, LLC. <http://www.social-engineer.org>.
+ Content History
Submissions
Submission DateSubmitterOrganization
2014-06-23CAPEC Content TeamThe MITRE Corporation
Modifications
Modification DateModifierOrganization
2017-08-04CAPEC Content TeamThe MITRE Corporation
Updated Description Summary, Typical_Severity
2018-07-31CAPEC Content TeamThe MITRE Corporation
Updated Description Summary
Previous Entry Names
Change DatePrevious Entry Name
2017-08-04Social Information Gathering Attacks

CAPEC-405: DEPRECATED: Social Information Gathering via Research

Attack Pattern ID: 405
Abstraction: Meta
Status: Deprecated
Presentation Filter:
+ Description
This attack pattern has been deprecated as it was deemed not to be a legitimate attack pattern. Please refer to CAPEC-118 : Collect and Analyze Information.
+ Relationships

The table(s) below shows the other attack patterns and high level categories that are related to this attack pattern. These relationships are defined as ChildOf, ParentOf, MemberOf and give insight to similar items that may exist at higher and lower levels of abstraction. In addition, relationships such as CanFollow, PeerOf, and CanAlsoBe are defined to show similar attack patterns that the user may want to explore.

+ References
[REF-348] "The Official Social Engineering Portal". Social-Engineer.org. Tick Tock Computers, LLC. <http://www.social-engineer.org>.
+ Content History
Submissions
Submission DateSubmitterOrganization
2014-06-23CAPEC Content TeamThe MITRE Corporation
Modifications
Modification DateModifierOrganization
2017-08-04CAPEC Content TeamThe MITRE Corporation
Updated Description Summary, Related_Attack_Patterns, Typical_Severity
2018-07-31CAPEC Content TeamThe MITRE Corporation
Updated Description Summary
Previous Entry Names
Change DatePrevious Entry Name
2017-08-04Social Information Gathering via Research

CAPEC-419: DEPRECATED: Target Influence via Perception of Concession

Attack Pattern ID: 419
Abstraction: Meta
Status: Deprecated
Presentation Filter:
+ Description
This attack pattern has been deprecated as it was deemed not to be a legitimate pattern.
+ Relationships

The table(s) below shows the other attack patterns and high level categories that are related to this attack pattern. These relationships are defined as ChildOf, ParentOf, MemberOf and give insight to similar items that may exist at higher and lower levels of abstraction. In addition, relationships such as CanFollow, PeerOf, and CanAlsoBe are defined to show similar attack patterns that the user may want to explore.

+ Content History
Submissions
Submission DateSubmitterOrganization
2014-06-23CAPEC Content TeamThe MITRE Corporation
Modifications
Modification DateModifierOrganization
2017-08-04CAPEC Content TeamThe MITRE Corporation
Updated Description Summary, References, Related_Attack_Patterns, Typical_Severity
Previous Entry Names
Change DatePrevious Entry Name
2017-08-04Target Influence via Perception of Concession

CAPEC-315: DEPRECATED: TCP/IP Fingerprinting Probes

Attack Pattern ID: 315
Abstraction: Standard
Status: Deprecated
Presentation Filter:
+ Description
This pattern has been deprecated as it was determined to be an unnecessary layer of abstraction. Please refer to the standard level pattern CAPEC-312 : Active OS Fingerprinting going forward, or to any of the detailed patterns that are children of CAPEC-312.
+ Relationships

The table(s) below shows the other attack patterns and high level categories that are related to this attack pattern. These relationships are defined as ChildOf, ParentOf, MemberOf and give insight to similar items that may exist at higher and lower levels of abstraction. In addition, relationships such as CanFollow, PeerOf, and CanAlsoBe are defined to show similar attack patterns that the user may want to explore.

+ Content History
Submissions
Submission DateSubmitterOrganization
2014-06-23CAPEC Content TeamThe MITRE Corporation
Modifications
Modification DateModifierOrganization
2017-05-01CAPEC Content TeamThe MITRE Corporation
Updated Attack_Motivation-Consequences, Attack_Prerequisites, Description Summary, References, Related_Attack_Patterns, Target_Attack_Surface, Target_Attack_Surface_Localities, Target_Attack_Surface_Types, Target_Functional_Services, Targeted_OSI_Layers, Typical_Severity
2018-07-31CAPEC Content TeamThe MITRE Corporation
Updated Description Summary
Previous Entry Names
Change DatePrevious Entry Name
2017-05-01TCP/IP Fingerprinting Probes

CAPEC-238: DEPRECATED: Using URL/codebase / G.A.C. (code source) to convince sandbox of privilege

Attack Pattern ID: 238
Abstraction: Detailed
Status: Deprecated
Presentation Filter:
+ Description
This attack pattern has been deprecated as it did not appear to be a valid attack pattern.
+ Relationships

The table(s) below shows the other attack patterns and high level categories that are related to this attack pattern. These relationships are defined as ChildOf, ParentOf, MemberOf and give insight to similar items that may exist at higher and lower levels of abstraction. In addition, relationships such as CanFollow, PeerOf, and CanAlsoBe are defined to show similar attack patterns that the user may want to explore.

+ Content History
Submissions
Submission DateSubmitterOrganization
2014-06-23CAPEC Content TeamThe MITRE Corporation
Modifications
Modification DateModifierOrganization
2018-07-31CAPEC Content TeamThe MITRE Corporation
Updated Description, Description Summary, Related_Attack_Patterns
Previous Entry Names
Change DatePrevious Entry Name
2018-07-31Using URL/codebase / G.A.C. (code source) to convince sandbox of privilege

CAPEC-171: DEPRECATED: Variable Manipulation

Attack Pattern ID: 171
Abstraction: Meta
Status: Deprecated
Presentation Filter:
+ Description
This attack pattern has been deprecated as it is a duplicate of the existing attack pattern "CAPEC-77 : Manipulating User-Controlled Variables". Please refer to this other CAPEC going forward.
+ Relationships

The table(s) below shows the other attack patterns and high level categories that are related to this attack pattern. These relationships are defined as ChildOf, ParentOf, MemberOf and give insight to similar items that may exist at higher and lower levels of abstraction. In addition, relationships such as CanFollow, PeerOf, and CanAlsoBe are defined to show similar attack patterns that the user may want to explore.

+ Content History
Submissions
Submission DateSubmitterOrganization
2014-06-23CAPEC Content TeamThe MITRE Corporation
Modifications
Modification DateModifierOrganization
2017-01-09CAPEC Content TeamThe MITRE Corporation
Updated Related_Attack_Patterns
2017-05-01CAPEC Content TeamThe MITRE Corporation
Updated Attack_Prerequisites, Description Summary, Related_Weaknesses, Resources_Required, Solutions_and_Mitigations, Typical_Severity
Previous Entry Names
Change DatePrevious Entry Name
2017-05-01Variable Manipulation

CAPEC-334: DEPRECATED: WASC Threat Classification 2.0 - WASC-01 - Insufficient Authentication

Category ID: 334
 
Status: Deprecated
+ Summary
This category is related to the WASC Threat Classification 2.0 item Insufficient Authentication
+ References
[REF-275] "WASC Threat Classification 2.0". WASC-01 - Insufficient Authentication. The Web Application Security Consortium (WASC). 2010. <http://projects.webappsec.org/Insufficient-Authentication>.
+ Content History
Submissions
Submission DateSubmitterOrganization
2014-06-23CAPEC Content TeamThe MITRE Corporation

CAPEC-335: DEPRECATED: WASC Threat Classification 2.0 - WASC-02 - Insufficient Authorization

Category ID: 335
 
Status: Deprecated
+ Summary
This category is related to the WASC Threat Classification 2.0 item Insufficient Authorization
+ References
[REF-276] "WASC Threat Classification 2.0". WASC-02 - Insufficient Authorization. The Web Application Security Consortium (WASC). 2010. <http://projects.webappsec.org/Insufficient-Authorization>.
+ Content History
Submissions
Submission DateSubmitterOrganization
2014-06-23CAPEC Content TeamThe MITRE Corporation

CAPEC-337: DEPRECATED: WASC Threat Classification 2.0 - WASC-04 - Insufficient Transport Layer Protection

Category ID: 337
 
Status: Deprecated
+ Summary
This category is related to the WASC Threat Classification 2.0 item Insufficient Transport Layer Protection
+ References
[REF-278] "WASC Threat Classification 2.0". WASC-04 - Insufficient Transport Layer Protection. The Web Application Security Consortium (WASC). 2010. <http://projects.webappsec.org/Insufficient-Transport-Layer-Protection>.
+ Content History
Submissions
Submission DateSubmitterOrganization
2014-06-23CAPEC Content TeamThe MITRE Corporation

CAPEC-346: DEPRECATED: WASC Threat Classification 2.0 - WASC-13 - Information Leakage

Category ID: 346
 
Status: Deprecated
+ Summary
This category is related to the WASC Threat Classification 2.0 item Information Leakage
+ References
[REF-288] "WASC Threat Classification 2.0". WASC-13 - Information Leakage. The Web Application Security Consortium (WASC). 2010. <http://projects.webappsec.org/Information-Leakage>.
+ Content History
Submissions
Submission DateSubmitterOrganization
2014-06-23CAPEC Content TeamThe MITRE Corporation

CAPEC-347: DEPRECATED: WASC Threat Classification 2.0 - WASC-14 - Server Misconfiguration

Category ID: 347
 
Status: Deprecated
+ Summary
This category is related to the WASC Threat Classification 2.0 item Server Misconfiguration
+ References
[REF-289] "WASC Threat Classification 2.0". WASC-14 - Server Misconfiguration. The Web Application Security Consortium (WASC). 2010. <http://projects.webappsec.org/Server-Misconfiguration>.
+ Content History
Submissions
Submission DateSubmitterOrganization
2014-06-23CAPEC Content TeamThe MITRE Corporation

CAPEC-348: DEPRECATED: WASC Threat Classification 2.0 - WASC-15 - Application Misconfiguration

Category ID: 348
 
Status: Deprecated
+ Summary
This category is related to the WASC Threat Classification 2.0 item Application Misconfiguration
+ References
[REF-290] "WASC Threat Classification 2.0". WASC-15 - Application Misconfiguration. The Web Application Security Consortium (WASC). 2010. <http://projects.webappsec.org/Application-Misconfiguration>.
+ Content History
Submissions
Submission DateSubmitterOrganization
2014-06-23CAPEC Content TeamThe MITRE Corporation

CAPEC-349: DEPRECATED: WASC Threat Classification 2.0 - WASC-16 - Directory Indexing

Category ID: 349
 
Status: Deprecated
+ Summary
This category is related to the WASC Threat Classification 2.0 item Directory Indexing
+ References
[REF-11] "WASC Threat Classification 2.0". WASC-16 - Directory Indexing. The Web Application Security Consortium (WASC). 2010. <http://projects.webappsec.org/Directory-Indexing>.
+ Content History
Submissions
Submission DateSubmitterOrganization
2014-06-23CAPEC Content TeamThe MITRE Corporation

CAPEC-350: DEPRECATED: WASC Threat Classification 2.0 - WASC-17 - Improper Filesystem Permissions

Category ID: 350
 
Status: Deprecated
+ Summary
This category is related to the WASC Threat Classification 2.0 item Improper Filesystem Permissions
+ References
[REF-293] "WASC Threat Classification 2.0". WASC-17 - Improper Filesystem Permissions. The Web Application Security Consortium (WASC). 2010. <http://projects.webappsec.org/Improper-Filesystem-Permissions>.
+ Content History
Submissions
Submission DateSubmitterOrganization
2014-06-23CAPEC Content TeamThe MITRE Corporation

CAPEC-353: DEPRECATED: WASC Threat Classification 2.0 - WASC-20 - Improper Input Handling

Category ID: 353
 
Status: Deprecated
+ Summary
This category is related to the WASC Threat Classification 2.0 item Improper Input Handling
+ References
[REF-108] "WASC Threat Classification 2.0". WASC-20 - Improper Input Handling. The Web Application Security Consortium (WASC). 2010. <http://projects.webappsec.org/Improper-Input-Handling>.
+ Content History
Submissions
Submission DateSubmitterOrganization
2014-06-23CAPEC Content TeamThe MITRE Corporation

CAPEC-354: DEPRECATED: WASC Threat Classification 2.0 - WASC-21 - Insufficient Anti-automation

Category ID: 354
 
Status: Deprecated
+ Summary
This category is related to the WASC Threat Classification 2.0 item Insufficient Anti-automation
+ References
[REF-297] "WASC Threat Classification 2.0". WASC-21 - Insufficient Anti-automation. The Web Application Security Consortium (WASC). 2010. <http://projects.webappsec.org/Insufficient+Anti-automation>.
+ Content History
Submissions
Submission DateSubmitterOrganization
2014-06-23CAPEC Content TeamThe MITRE Corporation

CAPEC-355: DEPRECATED: WASC Threat Classification 2.0 - WASC-22 - Improper Output Handling

Category ID: 355
 
Status: Deprecated
+ Summary
This category is related to the WASC Threat Classification 2.0 item Improper Output Handling
+ References
[REF-298] "WASC Threat Classification 2.0". WASC-22 - Improper Output Handling. The Web Application Security Consortium (WASC). 2010. <http://projects.webappsec.org/Improper-Output-Handling>.
+ Content History
Submissions
Submission DateSubmitterOrganization
2014-06-23CAPEC Content TeamThe MITRE Corporation

CAPEC-373: DEPRECATED: WASC Threat Classification 2.0 - WASC-40 - Insufficient Process Validation

Category ID: 373
 
Status: Deprecated
+ Summary
This category is related to the WASC Threat Classification 2.0 item Insufficient Process Validation
+ References
[REF-316] "WASC Threat Classification 2.0". WASC-40 - Insufficient Process Validation. The Web Application Security Consortium (WASC). 2010. <http://projects.webappsec.org/Insufficient-Process-Validation>.
+ Content History
Submissions
Submission DateSubmitterOrganization
2014-06-23CAPEC Content TeamThe MITRE Corporation

CAPEC-380: DEPRECATED: WASC Threat Classification 2.0 - WASC-47 - Insufficient Session Expiration

Category ID: 380
 
Status: Deprecated
+ Summary
This category is related to the WASC Threat Classification 2.0 item Insufficient Session Expiration
+ References
[REF-324] "WASC Threat Classification 2.0". WASC-47 - Insufficient Session Expiration. The Web Application Security Consortium (WASC). 2010. <http://projects.webappsec.org/Insufficient-Session-Expiration>.
+ Content History
Submissions
Submission DateSubmitterOrganization
2014-06-23CAPEC Content TeamThe MITRE Corporation

CAPEC-381: DEPRECATED: WASC Threat Classification 2.0 - WASC-48 - Insecure Indexing

Category ID: 381
 
Status: Deprecated
+ Summary
This category is related to the WASC Threat Classification 2.0 item Insecure Indexing
+ References
[REF-325] "WASC Threat Classification 2.0". WASC-48 - Insecure Indexing. The Web Application Security Consortium (WASC). 2010. <http://projects.webappsec.org/Insecure-Indexing>.
+ Content History
Submissions
Submission DateSubmitterOrganization
2014-06-23CAPEC Content TeamThe MITRE Corporation

CAPEC-382: DEPRECATED: WASC Threat Classification 2.0 - WASC-49 - Insufficient Password Recovery

Category ID: 382
 
Status: Deprecated
+ Summary
This category is related to the WASC Threat Classification 2.0 item Insufficient Password Recovery
+ References
[REF-326] "WASC Threat Classification 2.0". WASC-49 - Insufficient Password Recovery. The Web Application Security Consortium (WASC). 2010. <http://projects.webappsec.org/Insufficient-Password-Recovery>.
+ Content History
Submissions
Submission DateSubmitterOrganization
2014-06-23CAPEC Content TeamThe MITRE Corporation

CAPEC-91: DEPRECATED: XSS in IMG Tags

Attack Pattern ID: 91
Abstraction: Detailed
Status: Deprecated
Presentation Filter:
+ Description
This attack pattern has been deprecated as it is contained in the existing attack pattern "CAPEC-18 : XSS Targeting Non-Script Elements". Please refer to this other CAPEC going forward.
+ Relationships

The table(s) below shows the other attack patterns and high level categories that are related to this attack pattern. These relationships are defined as ChildOf, ParentOf, MemberOf and give insight to similar items that may exist at higher and lower levels of abstraction. In addition, relationships such as CanFollow, PeerOf, and CanAlsoBe are defined to show similar attack patterns that the user may want to explore.

+ Content History
Submissions
Submission DateSubmitterOrganization
2014-06-23CAPEC Content TeamThe MITRE Corporation
Modifications
Modification DateModifierOrganization
2017-05-01CAPEC Content TeamThe MITRE Corporation
Updated Activation_Zone, Architectural_Paradigms, Attack_Motivation-Consequences, Attack_Phases, Attack_Prerequisites, Attacker_Skills_or_Knowledge_Required, CIA_Impact, Description, Description Summary, Examples-Instances, Frameworks, Injection_Vector, Languages, Methods_of_Attack, Payload, Payload_Activation_Impact, Platforms, Purposes, Related_Attack_Patterns, Related_Guidelines, Related_Security_Principles, Related_Vulnerabilities, Related_Weaknesses, Resources_Required, Solutions_and_Mitigations, Technical_Context, Typical_Likelihood_of_Exploit, Typical_Severity
2018-07-31CAPEC Content TeamThe MITRE Corporation
Updated Description Summary
Previous Entry Names
Change DatePrevious Entry Name
2017-05-01XSS in IMG Tags

CAPEC-106: DEPRECATED: XSS through Log Files

Attack Pattern ID: 106
Abstraction: Detailed
Status: Deprecated
Presentation Filter:
+ Description
This attack pattern has been deprecated as it referes to an existing chain relationship between "CAPEC-93 : Log Injection-Tampering-Forging" and "CAPEC-63 : Cross-Site Scripting". Please refer to these CAPECs going forward.
+ Relationships

The table(s) below shows the other attack patterns and high level categories that are related to this attack pattern. These relationships are defined as ChildOf, ParentOf, MemberOf and give insight to similar items that may exist at higher and lower levels of abstraction. In addition, relationships such as CanFollow, PeerOf, and CanAlsoBe are defined to show similar attack patterns that the user may want to explore.

+ Content History
Submissions
Submission DateSubmitterOrganization
2014-06-23CAPEC Content TeamThe MITRE Corporation
Modifications
Modification DateModifierOrganization
2017-01-09CAPEC Content TeamThe MITRE Corporation
Updated Related_Attack_Patterns
2017-05-01CAPEC Content TeamThe MITRE Corporation
Updated Activation_Zone, Architectural_Paradigms, Attack_Motivation-Consequences, Attack_Phases, Attack_Prerequisites, Attacker_Skills_or_Knowledge_Required, CIA_Impact, Description, Description Summary, Examples-Instances, Frameworks, Injection_Vector, Languages, Methods_of_Attack, Payload, Payload_Activation_Impact, Platforms, Probing_Techniques, Purposes, Related_Attack_Patterns, Related_Security_Principles, Related_Weaknesses, Relevant_Security_Requirements, Resources_Required, Solutions_and_Mitigations, Technical_Context, Typical_Likelihood_of_Exploit, Typical_Severity
Previous Entry Names
Change DatePrevious Entry Name
2017-05-01Cross Site Scripting through Log Files

CAPEC-246: DEPRECATED: XSS Using Flash

Attack Pattern ID: 246
Abstraction: Detailed
Status: Deprecated
Presentation Filter:
+ Description
This pattern has been deprecated as it is covered by a chaining relationship between CAPEC-174: Flash Parameter Injection and CAPEC-591: Stored XSS. Please refer to these CAPECs going forward.
+ Relationships

The table(s) below shows the other attack patterns and high level categories that are related to this attack pattern. These relationships are defined as ChildOf, ParentOf, MemberOf and give insight to similar items that may exist at higher and lower levels of abstraction. In addition, relationships such as CanFollow, PeerOf, and CanAlsoBe are defined to show similar attack patterns that the user may want to explore.

+ Content History
Submissions
Submission DateSubmitterOrganization
2014-06-23CAPEC Content TeamThe MITRE Corporation
Modifications
Modification DateModifierOrganization
2017-05-01CAPEC Content TeamThe MITRE Corporation
Updated Attack_Phases, Description, Description Summary, Related_Attack_Patterns, Related_Weaknesses
Previous Entry Names
Change DatePrevious Entry Name
2017-05-01Cross-Site Scripting Using Flash

More information is available — Please select a different filter.
Page Last Updated or Reviewed: July 31, 2018