CAPEC - CAPEC-483: Deprecated Entries (Version 3.9)


Common Attack Pattern Enumeration and Classification A Community Resource for Identifying and Understanding Attacks

Home > CAPEC List > CAPEC-483: Deprecated Entries (Version 3.9)

CAPEC VIEW: Deprecated Entries

View ID: 483

Structure: Implicit

Downloads: Booklet | CSV | XML

Objective

CAPEC nodes in this view (slice) have been deprecated.

Filter

/Attack_Pattern_Catalog/*/*[@Status='Deprecated']

Membership

Nature	Type	ID	Name
HasMember	Deprecated	56	DEPRECATED: Removing/short-circuiting 'guard logic'
HasMember	Deprecated	82	DEPRECATED: Violating Implicit Assumptions Regarding XML Content (aka XML Denial of Service (XDoS))
HasMember	Deprecated	91	DEPRECATED: XSS in IMG Tags
HasMember	Deprecated	99	DEPRECATED: XML Parser Attack
HasMember	Deprecated	106	DEPRECATED: XSS through Log Files
HasMember	Deprecated	119	DEPRECATED: Deplete Resources
HasMember	Deprecated	171	DEPRECATED: Variable Manipulation
HasMember	Deprecated	205	DEPRECATED: Lifting credential(s)/key material embedded in client distributions (thick or thin)
HasMember	Deprecated	211	DEPRECATED: Leveraging web tools (e.g. Mozilla's GreaseMonkey, Firebug) to change application behavior
HasMember	Deprecated	213	DEPRECATED: Directory Traversal
HasMember	Deprecated	214	DEPRECATED: Fuzzing for garnering J2EE/.NET-based stack traces, for application mapping
HasMember	Deprecated	232	DEPRECATED: Exploitation of Authorization
HasMember	Deprecated	235	DEPRECATED: Implementing a callback to system routine (old AWT Queue)
HasMember	Deprecated	236	DEPRECATED: Catching exception throw/signal from privileged block
HasMember	Deprecated	238	DEPRECATED: Using URL/codebase / G.A.C. (code source) to convince sandbox of privilege
HasMember	Deprecated	239	DEPRECATED: Subversion of Authorization Checks: Cache Filtering, Programmatic Security, etc.
HasMember	Deprecated	241	DEPRECATED: Code Injection
HasMember	Deprecated	246	DEPRECATED: XSS Using Flash
HasMember	Deprecated	249	DEPRECATED: Linux Terminal Injection
HasMember	Deprecated	254	DEPRECATED: DTD Injection in a SOAP Message
HasMember	Deprecated	257	DEPRECATED: Abuse of Transaction Data Structure
HasMember	Deprecated	258	DEPRECATED: Passively Sniffing and Capturing Application Code Bound for an Authorized Client During Dynamic Update
HasMember	Deprecated	259	DEPRECATED: Passively Sniffing and Capturing Application Code Bound for an Authorized Client During Patching
HasMember	Deprecated	260	DEPRECATED: Passively Sniffing and Capturing Application Code Bound for an Authorized Client During Initial Distribution
HasMember	Deprecated	264	DEPRECATED: Environment Variable Manipulation
HasMember	Deprecated	265	DEPRECATED: Global variable manipulation
HasMember	Deprecated	266	DEPRECATED: Manipulate Canonicalization
HasMember	Deprecated	269	DEPRECATED: Registry Manipulation
HasMember	Deprecated	280	DEPRECATED: SOAP Parameter Tampering
HasMember	Deprecated	281	DEPRECATED: Analyze Target
HasMember	Deprecated	286	DEPRECATED: Reconnaissance
HasMember	Deprecated	288	DEPRECATED: ICMP Echo Request Ping
HasMember	Deprecated	289	DEPRECATED: Infrastructure-based footprinting
HasMember	Deprecated	311	DEPRECATED: OS Fingerprinting
HasMember	Deprecated	314	DEPRECATED: IP Fingerprinting Probes
HasMember	Deprecated	315	DEPRECATED: TCP/IP Fingerprinting Probes
HasMember	Deprecated	316	DEPRECATED: ICMP Fingerprinting Probes
HasMember	Deprecated	334	DEPRECATED: WASC Threat Classification 2.0 - WASC-01 - Insufficient Authentication
HasMember	Deprecated	335	DEPRECATED: WASC Threat Classification 2.0 - WASC-02 - Insufficient Authorization
HasMember	Deprecated	336	DEPRECATED: WASC-03 - Integer Overflows
HasMember	Deprecated	337	DEPRECATED: WASC Threat Classification 2.0 - WASC-04 - Insufficient Transport Layer Protection
HasMember	Deprecated	338	DEPRECATED: WASC-05 - Remote File Inclusion
HasMember	Deprecated	339	DEPRECATED: WASC-06 - Format String
HasMember	Deprecated	340	DEPRECATED: WASC-07 - Buffer Overflow
HasMember	Deprecated	341	DEPRECATED: WASC-08 - Cross-Site Scripting
HasMember	Deprecated	342	DEPRECATED: WASC-09 - Cross-Site Request Forgery
HasMember	Deprecated	343	DEPRECATED: WASC-10 - Denial of Service
HasMember	Deprecated	344	DEPRECATED: WASC-11 - Brute Force
HasMember	Deprecated	345	DEPRECATED: WASC-12 - Content Spoofing
HasMember	Deprecated	346	DEPRECATED: WASC Threat Classification 2.0 - WASC-13 - Information Leakage
HasMember	Deprecated	347	DEPRECATED: WASC Threat Classification 2.0 - WASC-14 - Server Misconfiguration
HasMember	Deprecated	348	DEPRECATED: WASC Threat Classification 2.0 - WASC-15 - Application Misconfiguration
HasMember	Deprecated	349	DEPRECATED: WASC Threat Classification 2.0 - WASC-16 - Directory Indexing
HasMember	Deprecated	350	DEPRECATED: WASC Threat Classification 2.0 - WASC-17 - Improper Filesystem Permissions
HasMember	Deprecated	351	DEPRECATED: WASC-18 - Credential/Session Prediction
HasMember	Deprecated	352	DEPRECATED: WASC-19 - SQL Injection
HasMember	Deprecated	353	DEPRECATED: WASC Threat Classification 2.0 - WASC-20 - Improper Input Handling
HasMember	Deprecated	354	DEPRECATED: WASC Threat Classification 2.0 - WASC-21 - Insufficient Anti-automation
HasMember	Deprecated	355	DEPRECATED: WASC Threat Classification 2.0 - WASC-22 - Improper Output Handling
HasMember	Deprecated	356	DEPRECATED: WASC-23 - XML Injection
HasMember	Deprecated	357	DEPRECATED: WASC-24 - HTTP Request Splitting
HasMember	Deprecated	358	DEPRECATED: WASC-25 - HTTP Response Splitting
HasMember	Deprecated	359	DEPRECATED: WASC-26 - HTTP Request Smuggling
HasMember	Deprecated	360	DEPRECATED: WASC-27 - HTTP Response Smuggling
HasMember	Deprecated	361	DEPRECATED: WASC-28 - Null Byte Injection
HasMember	Deprecated	362	DEPRECATED: WASC-29 - LDAP Injection
HasMember	Deprecated	363	DEPRECATED: WASC-30 - Mail Command Injection
HasMember	Deprecated	364	DEPRECATED: WASC-31 - OS Commanding
HasMember	Deprecated	365	DEPRECATED: WASC-32 - Routing Detour
HasMember	Deprecated	366	DEPRECATED: WASC-33 - Path Traversal
HasMember	Deprecated	367	DEPRECATED: WASC-34 - Predictable Resource Location
HasMember	Deprecated	368	DEPRECATED: WASC-35 - SOAP Array Abuse
HasMember	Deprecated	369	DEPRECATED: WASC-36 - SSI Injection
HasMember	Deprecated	370	DEPRECATED: WASC-37 - Session Fixation
HasMember	Deprecated	371	DEPRECATED: WASC-38 - URL Redirector Abuse
HasMember	Deprecated	372	DEPRECATED: WASC-39 - XPath Injection
HasMember	Deprecated	373	DEPRECATED: WASC Threat Classification 2.0 - WASC-40 - Insufficient Process Validation
HasMember	Deprecated	374	DEPRECATED: WASC-41 - XML Attribute Blowup
HasMember	Deprecated	375	DEPRECATED: WASC-42 - Abuse of Functionality
HasMember	Deprecated	376	DEPRECATED: WASC-43 - XML External Entities
HasMember	Deprecated	377	DEPRECATED: WASC-44 - XML Entity Expansion
HasMember	Deprecated	378	DEPRECATED: WASC-45 - Fingerprinting
HasMember	Deprecated	379	DEPRECATED: WASC-46 - XQuery Injection
HasMember	Deprecated	380	DEPRECATED: WASC Threat Classification 2.0 - WASC-47 - Insufficient Session Expiration
HasMember	Deprecated	381	DEPRECATED: WASC Threat Classification 2.0 - WASC-48 - Insecure Indexing
HasMember	Deprecated	382	DEPRECATED: WASC Threat Classification 2.0 - WASC-49 - Insufficient Password Recovery
HasMember	Deprecated	396	DEPRECATED: Bypassing Card or Badge-Based Systems
HasMember	Deprecated	404	DEPRECATED: Social Information Gathering Attacks
HasMember	Deprecated	405	DEPRECATED: Social Information Gathering via Research
HasMember	Deprecated	408	DEPRECATED: Information Gathering from Traditional Sources
HasMember	Deprecated	409	DEPRECATED: Information Gathering from Non-Traditional Sources
HasMember	Deprecated	411	DEPRECATED: Pretexting
HasMember	Deprecated	419	DEPRECATED: Target Influence via Perception of Concession
HasMember	Deprecated	430	DEPRECATED: Target Influence via Micro-Expressions
HasMember	Deprecated	431	DEPRECATED: Target Influence via Neuro-Linguistic Programming (NLP)
HasMember	Deprecated	432	DEPRECATED: Target Influence via Voice in NLP
HasMember	Deprecated	436	DEPRECATED: Gain Physical Access
HasMember	Deprecated	449	DEPRECATED: Malware Propagation via USB Stick
HasMember	Deprecated	450	DEPRECATED: Malware Propagation via USB U3 Autorun
HasMember	Deprecated	451	DEPRECATED: Malware Propagation via Infected Peripheral Device
HasMember	Deprecated	453	DEPRECATED: Malicious Logic Insertion via Counterfeit Hardware
HasMember	Deprecated	454	DEPRECATED: Modification of Existing Components with Counterfeit Hardware
HasMember	Deprecated	455	DEPRECATED: Malicious Logic Insertion via Inclusion of Counterfeit Hardware Components
HasMember	Deprecated	484	DEPRECATED: XML Client-Side Attack
HasMember	Deprecated	525	DEPRECATED: Execute Code
HasMember	Deprecated	526	DEPRECATED: Alter System Components
HasMember	Deprecated	527	DEPRECATED: Manipulate System Users
HasMember	Deprecated	557	DEPRECATED: Schedule Software To Run
HasMember	Deprecated	566	DEPRECATED: Dump Password Hashes
HasMember	Deprecated	567	DEPRECATED: Obtain Data via Utilities
HasMember	Deprecated	570	DEPRECATED: Signature-Based Avoidance
HasMember	Deprecated	602	DEPRECATED: Degradation
HasMember	Deprecated	629	DEPRECATED: Unauthorized Use of Device Resources

View Metrics

	CAPECs in this view
Attack Patterns	56
Categories	57
Views	0
Total	113

Content History

Submissions
Submission Date	Submitter	Organization
2014-06-23 (Version 2.6)	CAPEC Content Team	The MITRE Corporation
2014-06-23 (Version 2.6)

More information is available — Please select a different filter.

Page Last Updated or Reviewed: July 31, 2018


	Site Map \| Terms of Use \| Manage Cookies \| Cookie Notice \| Privacy Policy \| Contact Us \| Use of the Common Attack Pattern Enumeration and Classification (CAPEC), and the associated references from this website are subject to the Terms of Use. CAPEC is sponsored by the U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and managed by the Homeland Security Systems Engineering and Development Institute (HSSEDI) which is operated by The MITRE Corporation (MITRE). Copyright © 2007–2024, The MITRE Corporation. CAPEC and the CAPEC logo are trademarks of The MITRE Corporation.

Common Attack Pattern Enumeration and Classification

CAPEC VIEW: Deprecated Entries