New to CAPEC? Start Here
Home > CAPEC List > Reports > Differences between 3.0 and 3.1 Content  

Differences between 3.0 and 3.1 Content

Summary

Total (3.1) (not including Deprecated) 577
Total (3.0) (not including Deprecated) 577
Attack Patterns
New Patterns Added 2
Existing Patterns Modified with Enhanced Material 175
Patterns Deprecated 2
Categories
Existing Categories Modified with Enhanced Material 5
CAPEC -> CWE Mappings
CAPEC -> CWE Mappings Added 104
CAPEC -> CWE Mappings Removed 57
CAPEC -> CAPEC Mappings
CAPEC -> CAPEC Mappings Added 47
CAPEC -> CAPEC Mappings Removed 6

Summary of Entry Types

Type 3.0 3.1
Views 9 9
Categories 49 49
Attack Patterns 519 519
Deprecated 70 72

Back to top

Attack Pattern Changes

New Patterns Added
CAPEC-481 Contradictory Destinations in Traffic Routing Schemes
CAPEC-509 Kerberoasting

Existing Patterns Modified with Enhanced Material
CAPEC-2 Inducing Account Lockout
CAPEC-4 Using Alternative IP Address Encodings
CAPEC-5 Blue Boxing
CAPEC-6 Argument Injection
CAPEC-11 Cause Web Server Misclassification
CAPEC-23 File Content Injection
CAPEC-38 Leveraging/Manipulating Configuration File Search Paths
CAPEC-39 Manipulating Opaque Client-based Data Tokens
CAPEC-40 Manipulating Writeable Terminal Devices
CAPEC-49 Password Brute Forcing
CAPEC-54 Query System for Information
CAPEC-55 Rainbow Table Password Cracking
CAPEC-66 SQL Injection
CAPEC-77 Manipulating User-Controlled Variables
CAPEC-89 Pharming
CAPEC-94 Man in the Middle Attack
CAPEC-98 Phishing
CAPEC-105 HTTP Request Splitting
CAPEC-117 Interception
CAPEC-121 Exploit Test APIs
CAPEC-122 Privilege Abuse
CAPEC-123 Buffer Manipulation
CAPEC-124 Shared Data Manipulation
CAPEC-129 Pointer Manipulation
CAPEC-132 Symlink Attack
CAPEC-133 Try All Common Switches
CAPEC-134 Email Injection
CAPEC-135 Format String Injection
CAPEC-136 LDAP Injection
CAPEC-137 Parameter Injection
CAPEC-138 Reflection Injection
CAPEC-139 Relative Path Traversal
CAPEC-140 Bypassing of Intermediate Forms in Multiple-Form Sets
CAPEC-145 Checksum Spoofing
CAPEC-149 Explore for Predictable Temporary File Names
CAPEC-150 Collect Data from Common Resource Locations
CAPEC-153 Input Data Manipulation
CAPEC-155 Screen Temporary Files for Sensitive Information
CAPEC-159 Redirect Access to Libraries
CAPEC-160 Exploit Script-Based APIs
CAPEC-163 Spear Phishing
CAPEC-166 Force the System to Reset Values
CAPEC-170 Web Application Fingerprinting
CAPEC-174 Flash Parameter Injection
CAPEC-176 Configuration/Environment Manipulation
CAPEC-178 Cross-Site Flashing
CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels
CAPEC-181 Flash File Overlay
CAPEC-182 Flash Injection
CAPEC-183 IMAP/SMTP Command Injection
CAPEC-185 Malicious Software Download
CAPEC-190 Reverse Engineer an Executable to Expose Assumed Hidden Functionality
CAPEC-191 Read Sensitive Strings Within an Executable
CAPEC-193 PHP Remote File Inclusion
CAPEC-194 Fake the Source of Data
CAPEC-195 Principal Spoof
CAPEC-196 Session Credential Falsification through Forging
CAPEC-199 XSS Using Alternate Syntax
CAPEC-202 Create Malicious Client
CAPEC-206 Signing Malicious Code
CAPEC-207 Removing Important Client Functionality
CAPEC-218 Spoofing of UDDI/ebXML Messages
CAPEC-222 iFrame Overlay
CAPEC-226 Session Credential Falsification through Manipulation
CAPEC-228 DTD Injection
CAPEC-233 Privilege Escalation
CAPEC-242 Code Injection
CAPEC-244 XSS Targeting URI Placeholders
CAPEC-251 Local Code Inclusion
CAPEC-252 PHP Local File Inclusion
CAPEC-256 SOAP Array Overflow
CAPEC-261 Fuzzing for garnering other adjacent user/sensitive data
CAPEC-263 Force Use of Corrupted Files
CAPEC-267 Leverage Alternate Encoding
CAPEC-268 Audit Log Manipulation
CAPEC-270 Modification of Registry Run Keys
CAPEC-271 Schema Poisoning
CAPEC-275 DNS Rebinding
CAPEC-277 Data Interchange Protocol Manipulation
CAPEC-278 Web Services Protocol Manipulation
CAPEC-279 SOAP Manipulation
CAPEC-292 Host Discovery
CAPEC-300 Port Scanning
CAPEC-309 Network Topology Mapping
CAPEC-383 Harvesting Information via API Event Monitoring
CAPEC-389 Content Spoofing Via Application API Manipulation
CAPEC-401 Hacking Hardware
CAPEC-402 Bypassing ATA Password Security
CAPEC-438 Modification During Manufacture
CAPEC-439 Manipulation During Distribution
CAPEC-440 Hardware Integrity Attack
CAPEC-442 Infected Software
CAPEC-452 Infected Hardware
CAPEC-456 Infected Memory
CAPEC-471 Search Order Hijacking
CAPEC-473 Signature Spoof
CAPEC-474 Signature Spoofing by Key Theft
CAPEC-475 Signature Spoofing by Improper Validation
CAPEC-476 Signature Spoofing by Misrepresentation
CAPEC-478 Modification of Windows Service Configuration
CAPEC-482 TCP Flood
CAPEC-484 XML Client-Side Attack
CAPEC-486 UDP Flood
CAPEC-487 ICMP Flood
CAPEC-488 HTTP Flood
CAPEC-489 SSL Flood
CAPEC-490 Amplification
CAPEC-491 XML Quadratic Expansion
CAPEC-492 Regular Expression Exponential Blowup
CAPEC-493 SOAP Array Blowup
CAPEC-494 TCP Fragmentation
CAPEC-495 UDP Fragmentation
CAPEC-496 ICMP Fragmentation
CAPEC-502 Intent Spoof
CAPEC-503 WebView Exposure
CAPEC-504 Task Impersonation
CAPEC-528 XML Flood
CAPEC-529 Malware-Directed Internal Reconnaissance
CAPEC-533 Malicious Manual Software Update
CAPEC-537 Infiltration of Hardware Development Environment
CAPEC-543 Counterfeit Websites
CAPEC-544 Counterfeit Organizations
CAPEC-547 Physical Destruction of Device or Component
CAPEC-549 Local Execution of Code
CAPEC-550 Install New Service
CAPEC-551 Modify Existing Service
CAPEC-552 Install Rootkit
CAPEC-554 Functionality Bypass
CAPEC-556 Replace File Extension Handlers
CAPEC-558 Replace Trusted Executable
CAPEC-560 Use of Known Domain Credentials
CAPEC-561 Windows Admin Shares with Stolen Credentials
CAPEC-562 Modify Shared File
CAPEC-563 Add Malicious File to Shared Webroot
CAPEC-564 Run Software at Logon
CAPEC-572 Artificially Inflate File Sizes
CAPEC-573 Process Footprinting
CAPEC-574 Services Footprinting
CAPEC-575 Account Footprinting
CAPEC-576 Group Permission Footprinting
CAPEC-577 Owner Footprinting
CAPEC-578 Disable Security Software
CAPEC-580 Application Footprinting
CAPEC-583 Disabling Network Hardware
CAPEC-587 Cross Frame Scripting (XFS)
CAPEC-588 DOM-Based XSS
CAPEC-589 DNS Blocking
CAPEC-590 IP Address Blocking
CAPEC-591 Reflected XSS
CAPEC-592 Stored XSS
CAPEC-594 Traffic Injection
CAPEC-595 Connection Reset
CAPEC-596 TCP RST Injection
CAPEC-598 DNS Spoofing
CAPEC-599 Terrestrial Jamming
CAPEC-601 Jamming
CAPEC-609 Cellular Traffic Intercept
CAPEC-611 BitSquatting
CAPEC-612 WiFi MAC Address Tracking
CAPEC-613 WiFi SSID Tracking
CAPEC-615 Evil Twin Wi-Fi Attack
CAPEC-627 Counterfeit GPS Signals
CAPEC-628 Carry-Off GPS Attack
CAPEC-630 TypoSquatting
CAPEC-631 SoundSquatting
CAPEC-632 Homograph Attack via Homoglyphs
CAPEC-633 Token Impersonation
CAPEC-636 Hiding Malicious Data or Code within Files
CAPEC-640 Inclusion of Code in Existing Process
CAPEC-641 DLL Side-Loading
CAPEC-642 Replace Binaries
CAPEC-646 Peripheral Footprinting
CAPEC-647 Collect Data from Registries
CAPEC-649 Adding a Space to a File Extension
CAPEC-650 Upload a Web Shell to a Web Server

Patterns Deprecated
CAPEC-239 DEPRECATED: Subversion of Authorization Checks: Cache Filtering, Programmatic Security, etc.
CAPEC-566 DEPRECATED: Dump Password Hashes
Back to top

Category Changes

New Categories Added

Existing Categories Modified with Enhanced Material
CAPEC-403 Social Engineering
CAPEC-437 Supply Chain
CAPEC-512 Communications
CAPEC-513 Software
CAPEC-515 Hardware

Categories Deprecated
Back to top

View Changes

Views Added

Existing Views Modified with Enhanced Material

Views Deprecated
Back to top

Mapping Changes

CAPEC --> CWE Mappings Added
CAPEC-2 Inducing Account Lockout
  --> CWE-645 Overly Restrictive Account Lockout Mechanism
CAPEC-4 Using Alternative IP Address Encodings
  --> CWE-173 Improper Handling of Alternate Encoding
CAPEC-5 Blue Boxing
  --> CWE-285 Improper Authorization
CAPEC-6 Argument Injection
  --> CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CAPEC-11 Cause Web Server Misclassification
  --> CWE-430 Deployment of Wrong Handler
CAPEC-23 File Content Injection
  --> CWE-20 Improper Input Validation
CAPEC-38 Leveraging/Manipulating Configuration File Search Paths
  --> CWE-427 Uncontrolled Search Path Element
CAPEC-40 Manipulating Writeable Terminal Devices
  --> CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')
CAPEC-55 Rainbow Table Password Cracking
  --> CWE-916 Use of Password Hash With Insufficient Computational Effort
CAPEC-117 Interception
  --> CWE-300 Channel Accessible by Non-Endpoint ('Man-in-the-Middle')
CAPEC-121 Exploit Test APIs
  --> CWE-489 Leftover Debug Code
CAPEC-122 Privilege Abuse
  --> CWE-269 Improper Privilege Management
CAPEC-123 Buffer Manipulation
  --> CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC-129 Pointer Manipulation
  --> CWE-822 Untrusted Pointer Dereference
  --> CWE-823 Use of Out-of-range Pointer Offset
CAPEC-133 Try All Common Switches
  --> CWE-912 Hidden Functionality
CAPEC-134 Email Injection
  --> CWE-150 Improper Neutralization of Escape, Meta, or Control Sequences
CAPEC-137 Parameter Injection
  --> CWE-88 Argument Injection or Modification
CAPEC-140 Bypassing of Intermediate Forms in Multiple-Form Sets
  --> CWE-372 Incomplete Internal State Distinction
CAPEC-145 Checksum Spoofing
  --> CWE-354 Improper Validation of Integrity Check Value
CAPEC-150 Collect Data from Common Resource Locations
  --> CWE-552 Files or Directories Accessible to External Parties
CAPEC-153 Input Data Manipulation
  --> CWE-20 Improper Input Validation
CAPEC-155 Screen Temporary Files for Sensitive Information
  --> CWE-377 Insecure Temporary File
CAPEC-159 Redirect Access to Libraries
  --> CWE-706 Use of Incorrectly-Resolved Name or Reference
CAPEC-160 Exploit Script-Based APIs
  --> CWE-346 Origin Validation Error
CAPEC-166 Force the System to Reset Values
  --> CWE-306 Missing Authentication for Critical Function
CAPEC-170 Web Application Fingerprinting
  --> CWE-497 Exposure of System Data to an Unauthorized Control Sphere
CAPEC-174 Flash Parameter Injection
  --> CWE-88 Argument Injection or Modification
CAPEC-176 Configuration/Environment Manipulation
  --> CWE-15 External Control of System or Configuration Setting
CAPEC-181 Flash File Overlay
  --> CWE-1021 Improper Restriction of Rendered UI Layers or Frames
CAPEC-183 IMAP/SMTP Command Injection
  --> CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')
CAPEC-190 Reverse Engineer an Executable to Expose Assumed Hidden Functionality
  --> CWE-912 Hidden Functionality
CAPEC-222 iFrame Overlay
  --> CWE-1021 Improper Restriction of Rendered UI Layers or Frames
CAPEC-226 Session Credential Falsification through Manipulation
  --> CWE-472 External Control of Assumed-Immutable Web Parameter
  --> CWE-565 Reliance on Cookies without Validation and Integrity Checking
CAPEC-228 DTD Injection
  --> CWE-829 Inclusion of Functionality from Untrusted Control Sphere
CAPEC-233 Privilege Escalation
  --> CWE-269 Improper Privilege Management
CAPEC-242 Code Injection
  --> CWE-94 Improper Control of Generation of Code ('Code Injection')
CAPEC-244 XSS Targeting URI Placeholders
  --> CWE-83 Improper Neutralization of Script in Attributes in a Web Page
CAPEC-251 Local Code Inclusion
  --> CWE-829 Inclusion of Functionality from Untrusted Control Sphere
CAPEC-252 PHP Local File Inclusion
  --> CWE-829 Inclusion of Functionality from Untrusted Control Sphere
CAPEC-256 SOAP Array Overflow
  --> CWE-805 Buffer Access with Incorrect Length Value
CAPEC-261 Fuzzing for garnering other adjacent user/sensitive data
  --> CWE-20 Improper Input Validation
CAPEC-263 Force Use of Corrupted Files
  --> CWE-829 Inclusion of Functionality from Untrusted Control Sphere
CAPEC-268 Audit Log Manipulation
  --> CWE-117 Improper Output Neutralization for Logs
CAPEC-270 Modification of Registry Run Keys
  --> CWE-15 External Control of System or Configuration Setting
CAPEC-277 Data Interchange Protocol Manipulation
  --> CWE-707 Improper Enforcement of Message or Data Structure
CAPEC-278 Web Services Protocol Manipulation
  --> CWE-707 Improper Enforcement of Message or Data Structure
CAPEC-279 SOAP Manipulation
  --> CWE-707 Improper Enforcement of Message or Data Structure
CAPEC-389 Content Spoofing Via Application API Manipulation
  --> CWE-353 Missing Support for Integrity Check
CAPEC-402 Bypassing ATA Password Security
  --> CWE-285 Improper Authorization
CAPEC-474 Signature Spoofing by Key Theft
  --> CWE-522 Insufficiently Protected Credentials
CAPEC-475 Signature Spoofing by Improper Validation
  --> CWE-327 Use of a Broken or Risky Cryptographic Algorithm
CAPEC-476 Signature Spoofing by Misrepresentation
  --> CWE-290 Authentication Bypass by Spoofing
CAPEC-478 Modification of Windows Service Configuration
  --> CWE-284 Improper Access Control
CAPEC-482 TCP Flood
  --> CWE-770 Allocation of Resources Without Limits or Throttling
CAPEC-484 XML Client-Side Attack
  --> CWE-91 XML Injection (aka Blind XPath Injection)
CAPEC-486 UDP Flood
  --> CWE-770 Allocation of Resources Without Limits or Throttling
CAPEC-487 ICMP Flood
  --> CWE-770 Allocation of Resources Without Limits or Throttling
CAPEC-488 HTTP Flood
  --> CWE-770 Allocation of Resources Without Limits or Throttling
CAPEC-489 SSL Flood
  --> CWE-770 Allocation of Resources Without Limits or Throttling
CAPEC-490 Amplification
  --> CWE-770 Allocation of Resources Without Limits or Throttling
CAPEC-491 XML Quadratic Expansion
  --> CWE-770 Allocation of Resources Without Limits or Throttling
CAPEC-492 Regular Expression Exponential Blowup
  --> CWE-400 Uncontrolled Resource Consumption ('Resource Exhaustion')
CAPEC-493 SOAP Array Blowup
  --> CWE-770 Allocation of Resources Without Limits or Throttling
CAPEC-494 TCP Fragmentation
  --> CWE-404 Improper Resource Shutdown or Release
  --> CWE-770 Allocation of Resources Without Limits or Throttling
CAPEC-495 UDP Fragmentation
  --> CWE-404 Improper Resource Shutdown or Release
  --> CWE-770 Allocation of Resources Without Limits or Throttling
CAPEC-496 ICMP Fragmentation
  --> CWE-404 Improper Resource Shutdown or Release
  --> CWE-770 Allocation of Resources Without Limits or Throttling
CAPEC-502 Intent Spoof
  --> CWE-284 Improper Access Control
CAPEC-503 WebView Exposure
  --> CWE-284 Improper Access Control
CAPEC-504 Task Impersonation
  --> CWE-1021 Improper Restriction of Rendered UI Layers or Frames
CAPEC-509 Kerberoasting
  --> CWE-552 Files or Directories Accessible to External Parties
CAPEC-528 XML Flood
  --> CWE-770 Allocation of Resources Without Limits or Throttling
CAPEC-533 Malicious Manual Software Update
  --> CWE-494 Download of Code Without Integrity Check
CAPEC-537 Infiltration of Hardware Development Environment
  --> CWE-125 Out-of-bounds Read
CAPEC-549 Local Execution of Code
  --> CWE-829 Inclusion of Functionality from Untrusted Control Sphere
CAPEC-550 Install New Service
  --> CWE-284 Improper Access Control
CAPEC-551 Modify Existing Service
  --> CWE-284 Improper Access Control
  --> CWE-522 Insufficiently Protected Credentials
CAPEC-552 Install Rootkit
  --> CWE-284 Improper Access Control
CAPEC-554 Functionality Bypass
  --> CWE-424 Improper Protection of Alternate Path
CAPEC-556 Replace File Extension Handlers
  --> CWE-284 Improper Access Control
CAPEC-558 Replace Trusted Executable
  --> CWE-284 Improper Access Control
CAPEC-560 Use of Known Domain Credentials
  --> CWE-522 Insufficiently Protected Credentials
CAPEC-561 Windows Admin Shares with Stolen Credentials
  --> CWE-522 Insufficiently Protected Credentials
CAPEC-562 Modify Shared File
  --> CWE-284 Improper Access Control
CAPEC-563 Add Malicious File to Shared Webroot
  --> CWE-284 Improper Access Control
CAPEC-564 Run Software at Logon
  --> CWE-284 Improper Access Control
CAPEC-578 Disable Security Software
  --> CWE-284 Improper Access Control
CAPEC-588 DOM-Based XSS
  --> CWE-83 Improper Neutralization of Script in Attributes in a Web Page
CAPEC-589 DNS Blocking
  --> CWE-300 Channel Accessible by Non-Endpoint ('Man-in-the-Middle')
CAPEC-590 IP Address Blocking
  --> CWE-300 Channel Accessible by Non-Endpoint ('Man-in-the-Middle')
CAPEC-594 Traffic Injection
  --> CWE-940 Improper Verification of Source of a Communication Channel
CAPEC-595 Connection Reset
  --> CWE-940 Improper Verification of Source of a Communication Channel
CAPEC-596 TCP RST Injection
  --> CWE-940 Improper Verification of Source of a Communication Channel
CAPEC-609 Cellular Traffic Intercept
  --> CWE-311 Missing Encryption of Sensitive Data
CAPEC-612 WiFi MAC Address Tracking
  --> CWE-300 Channel Accessible by Non-Endpoint ('Man-in-the-Middle')
CAPEC-613 WiFi SSID Tracking
  --> CWE-300 Channel Accessible by Non-Endpoint ('Man-in-the-Middle')
CAPEC-615 Evil Twin Wi-Fi Attack
  --> CWE-300 Channel Accessible by Non-Endpoint ('Man-in-the-Middle')
CAPEC-649 Adding a Space to a File Extension
  --> CWE-46 Path Equivalence: 'filename ' (Trailing Space)
CAPEC-650 Upload a Web Shell to a Web Server
  --> CWE-287 Improper Authentication

CAPEC --> CWE Mappings Removed
CAPEC-2 Inducing Account Lockout
  --> CWE-400 Uncontrolled Resource Consumption ('Resource Exhaustion')
CAPEC-4 Using Alternative IP Address Encodings
  --> CWE-41 Improper Resolution of Path Equivalence
  --> CWE-180 Incorrect Behavior Order: Validate Before Canonicalize
  --> CWE-345 Insufficient Verification of Data Authenticity
  --> CWE-697 Incorrect Comparison
  --> CWE-707 Improper Enforcement of Message or Data Structure
CAPEC-5 Blue Boxing
  --> CWE-264 Permissions, Privileges, and Access Controls
CAPEC-6 Argument Injection
  --> CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')
CAPEC-11 Cause Web Server Misclassification
  --> CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')
CAPEC-23 File Content Injection
  --> CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
  --> CWE-23 Relative Path Traversal
  --> CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')
  --> CWE-713 OWASP Top Ten 2007 Category A2 - Injection Flaws
  --> CWE-715 OWASP Top Ten 2007 Category A4 - Insecure Direct Object Reference
CAPEC-40 Manipulating Writeable Terminal Devices
  --> CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
  --> CWE-306 Missing Authentication for Critical Function
CAPEC-54 Query System for Information
  --> CWE-248 Uncaught Exception
  --> CWE-717 OWASP Top Ten 2007 Category A6 - Information Leakage and Improper Error Handling
CAPEC-117 Interception
  --> CWE-200 Information Exposure
CAPEC-121 Exploit Test APIs
  --> CWE-770 Allocation of Resources Without Limits or Throttling
CAPEC-122 Privilege Abuse
  --> CWE-434 Unrestricted Upload of File with Dangerous Type
  --> CWE-602 Client-Side Enforcement of Server-Side Security
CAPEC-124 Shared Data Manipulation
  --> CWE-682 Incorrect Calculation
CAPEC-133 Try All Common Switches
  --> CWE-88 Argument Injection or Modification
  --> CWE-559 Often Misused: Arguments and Parameters
  --> CWE-656 Reliance on Security Through Obscurity
CAPEC-155 Screen Temporary Files for Sensitive Information
  --> CWE-311 Missing Encryption of Sensitive Data
CAPEC-159 Redirect Access to Libraries
  --> CWE-426 Untrusted Search Path
  --> CWE-427 Uncontrolled Search Path Element
  --> CWE-428 Unquoted Search Path or Element
CAPEC-174 Flash Parameter Injection
  --> CWE-184 Incomplete Blacklist
  --> CWE-185 Incorrect Regular Expression
  --> CWE-697 Incorrect Comparison
CAPEC-190 Reverse Engineer an Executable to Expose Assumed Hidden Functionality or Content
  --> CWE-259 Use of Hard-coded Password
  --> CWE-798 Use of Hard-coded Credentials
CAPEC-191 Read Sensitive Strings Within an Executable
  --> CWE-259 Use of Hard-coded Password
CAPEC-196 Session Credential Falsification through Forging
  --> CWE-361 7PK - Time and State
CAPEC-228 DTD Injection
  --> CWE-100 DEPRECATED: Technology-Specific Input Validation Problems
CAPEC-242 Code Injection
  --> CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CAPEC-244 XSS Targeting URI Placeholders
  --> CWE-84 Improper Neutralization of Encoded URI Schemes in a Web Page
CAPEC-271 Schema Poisoning
  --> CWE-472 External Control of Assumed-Immutable Web Parameter
CAPEC-279 SOAP Manipulation
  --> CWE-674 Uncontrolled Recursion
CAPEC-389 Content Spoofing Via Application API Manipulation
  --> CWE-311 Missing Encryption of Sensitive Data
  --> CWE-345 Insufficient Verification of Data Authenticity
  --> CWE-346 Origin Validation Error
  --> CWE-602 Client-Side Enforcement of Server-Side Security
CAPEC-474 Signature Spoofing by Key Theft
  --> CWE-216 Containment Errors (Container Errors)
  --> CWE-284 Improper Access Control
  --> CWE-693 Protection Mechanism Failure
CAPEC-475 Signature Spoofing by Improper Validation
  --> CWE-693 Protection Mechanism Failure
CAPEC-478 Modification of Windows Service Configuration
  --> CWE-285 Improper Authorization
CAPEC-484 XML Client-Side Attack
  --> CWE-19 Data Processing Errors
CAPEC-578 Disable Security Software
  --> CWE-285 Improper Authorization
CAPEC-591 Reflected XSS
  --> CWE-20 Improper Input Validation
CAPEC-592 Stored XSS
  --> CWE-20 Improper Input Validation
CAPEC-640 Inclusion of Code in Existing Process
  --> CWE-706 Use of Incorrectly-Resolved Name or Reference
CAPEC-649 Adding a Space to a File Extension
  --> CWE-64 Windows Shortcut Following (.LNK)

CAPEC --> CAPEC Mappings Added
CAPEC-89 Pharming
CanFollow   --> CAPEC-89 Pharming
CanFollow   --> CAPEC-543 Counterfeit Websites
CanFollow   --> CAPEC-611 BitSquatting
CanFollow   --> CAPEC-630 TypoSquatting
CanFollow   --> CAPEC-631 SoundSquatting
CanFollow   --> CAPEC-632 Homograph Attack via Homoglyphs
CAPEC-94 Man in the Middle Attack
CanFollow   --> CAPEC-185 Malicious Software Download
CAPEC-98 Phishing
CanPrecede   --> CAPEC-89 Pharming
CanPrecede   --> CAPEC-543 Counterfeit Websites
CanPrecede   --> CAPEC-611 BitSquatting
CanPrecede   --> CAPEC-630 TypoSquatting
CanPrecede   --> CAPEC-631 SoundSquatting
CanPrecede   --> CAPEC-632 Homograph Attack via Homoglyphs
CAPEC-105 HTTP Request Splitting
PeerOf   --> CAPEC-34 HTTP Response Splitting
CAPEC-163 Spear Phishing
CanFollow   --> CAPEC-116 Excavation
CAPEC-174 Flash Parameter Injection
CanPrecede   --> CAPEC-178 Cross-Site Flashing
Has Child   --> CAPEC-182 Flash Injection
CAPEC-196 Session Credential Falsification through Forging
CanPrecede   --> CAPEC-61 Session Fixation
CAPEC-383 Harvesting Information via API Event Monitoring
Has Child   --> CAPEC-407 Pretexting
CAPEC-403 Social Engineering
Has Member   --> CAPEC-151 Identity Spoofing
Has Member   --> CAPEC-154 Resource Location Spoofing
CAPEC-481 Contradictory Destinations in Traffic Routing Schemes
Has Child   --> CAPEC-161 Infrastructure Manipulation
CAPEC-509 Kerberoasting
Has Child   --> CAPEC-560 Use of Known Domain Credentials
CAPEC-512 Communications
Has Member   --> CAPEC-148 Content Spoofing
Has Member   --> CAPEC-151 Identity Spoofing
Has Member   --> CAPEC-154 Resource Location Spoofing
Has Member   --> CAPEC-169 Footprinting
CAPEC-513 Software
Has Member   --> CAPEC-441 Malicious Logic Insertion
CAPEC-515 Hardware
Has Member   --> CAPEC-148 Content Spoofing
Has Member   --> CAPEC-154 Resource Location Spoofing
CAPEC-543 Counterfeit Websites
CanPrecede   --> CAPEC-89 Pharming
CanFollow   --> CAPEC-611 BitSquatting
CanFollow   --> CAPEC-630 TypoSquatting
CanFollow   --> CAPEC-631 SoundSquatting
CanFollow   --> CAPEC-632 Homograph Attack via Homoglyphs
CAPEC-611 BitSquatting
CanPrecede   --> CAPEC-89 Pharming
CanFollow   --> CAPEC-98 Phishing
CanPrecede   --> CAPEC-543 Counterfeit Websites
CAPEC-630 TypoSquatting
CanPrecede   --> CAPEC-89 Pharming
CanFollow   --> CAPEC-98 Phishing
CanPrecede   --> CAPEC-543 Counterfeit Websites
CAPEC-631 SoundSquatting
CanPrecede   --> CAPEC-89 Pharming
CanFollow   --> CAPEC-98 Phishing
CanPrecede   --> CAPEC-543 Counterfeit Websites
CAPEC-632 Homograph Attack via Homoglyphs
CanPrecede   --> CAPEC-89 Pharming
CanFollow   --> CAPEC-98 Phishing
CanPrecede   --> CAPEC-543 Counterfeit Websites

CAPEC --> CAPEC Mappings Removed
CAPEC-163 Spear Phishing
CanFollow   --> CAPEC-118 Collect and Analyze Information
CAPEC-174 Flash Parameter Injection
Has Child   --> CAPEC-137 Parameter Injection
CAPEC-239 Subversion of Authorization Checks: Cache Filtering, Programmatic Security, etc.
Has Child   --> CAPEC-207 Removing Important Client Functionality
CAPEC-383 Harvesting Information via API Event Monitoring
Has Child   --> CAPEC-567 DEPRECATED: Obtain Data via Utilities
CAPEC-515 Hardware
Has Member   --> CAPEC-169 Footprinting
CAPEC-566 Dump Password Hashes
Has Child   --> CAPEC-567 DEPRECATED: Obtain Data via Utilities
Back to top
More information is available — Please select a different filter.
Page Last Updated or Reviewed: April 04, 2019
 

Use of the Common Attack Pattern Enumeration and Classification (CAPEC), and the associated references from this website are subject to the Terms of Use. Copyright © 2007–2025, The MITRE Corporation. CAPEC and the CAPEC logo are trademarks of The MITRE Corporation.