Common Attack Pattern Enumeration and Classification
A Community Resource for Identifying and Understanding Attacks
An attacker forces the target into a previous state in order to leverage potential weaknesses in the target dependent upon a prior configuration or state-dependent factors. Even in cases where an attacker may not be able to directly control the configuration of the targeted application, they may be able to reset the configuration to a prior state since many applications implement reset functions. Since these functions are usually intended as emergency features to return an application to a stable configuration if the current configuration degrades functionality, they may not be as strongly secured as other configuration options. The resetting of values is dangerous as it may enable undesired functionality, disable services, or modify access controls. At the very least this is a nuisance attack since the administrator will need to re-apply their configuration. At worst, this attack can open avenues for powerful attacks against the application, and, if it isn't obvious that the configuration has been reset, these vulnerabilities may be present a long time before they are notices.
The table below shows the other attack patterns and high level categories that are related to this attack pattern. These relationships are defined as ChildOf and ParentOf, and give insight to similar items that may exist at higher and lower levels of abstraction. In addition, relationships such as CanFollow, PeerOf, and CanAlsoBe are defined to show similar attack patterns that the user may want to explore.
The table below shows the views that this attack pattern belongs to and top level categories within that view.
None: No specialized resources are required to execute this type of attack. In some cases, the attacker may need special client applications in order to execute the reset functionality.
A Related Weakness relationship associates a weakness with this attack pattern. Each association implies a weakness that must exist for a given attack to be successful. If multiple weaknesses are associated with the attack pattern, then any of the weaknesses (but not necessarily all) may be present for the attack to be successful. Each related weakness is identified by a CWE identifier.
More information is available — Please select a different filter.