CAPEC VIEW: Deprecated Entries
View ID: 483
Status: Draft
Objective
CAPEC nodes in this view (slice) have been deprecated.
Filter
/Attack_Pattern_Catalog/*/*[@Status='Deprecated']
Membership
View Metrics
CAPECs in this view Attack Patterns 55 Categories 57 Views 0 Total 112
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation
View Components
View Components
A |
B |
C |
D |
E |
F |
G |
H |
I |
J |
K |
L |
M |
N |
O |
P |
Q |
R |
S |
T |
U |
V |
W |
X |
Y |
Z
CAPEC-430: DEPRECATED: Target Influence via Micro-Expressions
Attack Pattern ID: 430
Status: Deprecated
Description
This attack pattern has been deprecated.
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2018-07-31 CAPEC Content Team The MITRE Corporation Updated Description Summary, References, Related_Attack_Patterns, Typical_Severity Previous Entry Names Change Date Previous Entry Name 2018-07-31 Target Influence via Micro-Expressions
CAPEC-431: DEPRECATED: Target Influence via Neuro-Linguistic Programming (NLP)
Attack Pattern ID: 431
Status: Deprecated
Description
This attack pattern has been deprecated.
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2018-07-31 CAPEC Content Team The MITRE Corporation Updated Description Summary, References, Related_Attack_Patterns, Typical_Severity Previous Entry Names Change Date Previous Entry Name 2018-07-31 Target Influence via Neuro-Linguistic Programming (NLP)
CAPEC-432: DEPRECATED: Target Influence via Voice in NLP
Attack Pattern ID: 432
Status: Deprecated
Description
This attack pattern has been deprecated.
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2018-07-31 CAPEC Content Team The MITRE Corporation Updated Description Summary, References, Related_Attack_Patterns, Typical_Severity Previous Entry Names Change Date Previous Entry Name 2018-07-31 Target Influence via Voice in NLP
CAPEC-257: DEPRECATED: Abuse of Transaction Data Structure
Attack Pattern ID: 257
Status: Deprecated
Description
This attack pattern has been deprecated as it was deemed not to be a legitimate attack pattern.
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2017-01-09 CAPEC Content Team The MITRE Corporation Updated Related_Attack_Patterns 2017-05-01 CAPEC Content Team The MITRE Corporation Updated Description, Description Summary 2018-07-31 CAPEC Content Team The MITRE Corporation Updated Description Summary Previous Entry Names Change Date Previous Entry Name 2017-05-01 Abuse of Transaction Data Structure
CAPEC CATEGORY: DEPRECATED: Alter System Components
Category ID: 526
Status: Deprecated
Summary
This category has been deprecated as it is no longer used in any view.
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2015-11-09 CAPEC Content Team The MITRE Corporation Updated Relationships 2017-01-09 CAPEC Content Team The MITRE Corporation Updated Relationships 2017-05-01 CAPEC Content Team The MITRE Corporation Updated Description Previous Entry Names Change Date Previous Entry Name 2017-05-01 Alter System Components
CAPEC CATEGORY: DEPRECATED: Analyze Target
Category ID: 281
Status: Deprecated
Summary
This category has been deprecated as it is no longer used in any view.
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2015-11-09 CAPEC Content Team The MITRE Corporation Updated Relationships 2017-01-09 CAPEC Content Team The MITRE Corporation Updated Relationships 2017-05-01 CAPEC Content Team The MITRE Corporation Updated Description, Other_Notes Previous Entry Names Change Date Previous Entry Name 2017-05-01 Analyze Target
CAPEC-396: DEPRECATED: Bypassing Card or Badge-Based Systems
Attack Pattern ID: 396
Status: Deprecated
Description
This attack pattern has been deprecated as it a generalization of
CAPEC-397 : Cloning Magnetic Strip Cards,
CAPEC-398 : Magnetic Strip Card Brute Force Attacks,
CAPEC-399 : Cloning RFID Cards or Chips and
CAPEC-400 : RFID Chip Deactivation or Destruction. Please refer to these CAPECs going forward.
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2019-09-30 CAPEC Content Team The MITRE Corporation Updated @Name, @Status, Description, References, Related_Attack_Patterns Previous Entry Names Change Date Previous Entry Name 2019-09-30 Bypassing Card or Badge-Based Systems
CAPEC-236: DEPRECATED: Catching exception throw/signal from privileged block
Attack Pattern ID: 236
Status: Deprecated
Description
This attack pattern has been deprecated as it did not have enough distinction from
CAPEC-30 : Hijacking a Privileged Thread of Execution. Please refer to
CAPEC-30 moving forward.
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2017-01-09 CAPEC Content Team The MITRE Corporation Updated Related_Attack_Patterns 2017-08-04 CAPEC Content Team The MITRE Corporation Updated Resources_Required 2020-07-30 CAPEC Content Team The MITRE Corporation Updated Execution_Flow 2021-10-21 CAPEC Content Team The MITRE Corporation Updated @Name, @Status, Consequences, Description, Example_Instances, Execution_Flow, Likelihood_Of_Attack, Mitigations, Prerequisites, Related_Attack_Patterns, Related_Weaknesses, Resources_Required, Skills_Required, Typical_Severity Previous Entry Names Change Date Previous Entry Name 2021-10-21 Catching exception throw/signal from privileged block
CAPEC-241: DEPRECATED: Code Injection
Attack Pattern ID: 241
Status: Deprecated
Description
This attack pattern has been deprecated as it is a duplicate of the existing attack pattern "
CAPEC-242 : Code Injection". Please refer to this other CAPEC going forward.
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2015-12-07 CAPEC Content Team The MITRE Corporation Updated Related_Attack_Patterns 2017-05-01 CAPEC Content Team The MITRE Corporation Updated Description, Description Summary Previous Entry Names Change Date Previous Entry Name 2017-05-01 Code Injection
CAPEC-602: DEPRECATED: Degradation
Attack Pattern ID: 602
Status: Deprecated
Description
This attack pattern has been deprecated.
Content History
Submissions Submission Date Submitter Organization 2015-11-09 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2017-05-01 CAPEC Content Team The MITRE Corporation Updated Description Summary Previous Entry Names Change Date Previous Entry Name 2017-05-01 Degradation
CAPEC CATEGORY: DEPRECATED: Deplete Resources
Category ID: 119
Status: Deprecated
Summary
This category has been deprecated as it is no longer used by any of the Views.
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2017-01-09 CAPEC Content Team The MITRE Corporation Updated Relationships 2017-05-01 CAPEC Content Team The MITRE Corporation Updated Attack_Prerequisites, Description, Related_Weaknesses, Resources_Required Previous Entry Names Change Date Previous Entry Name 2017-05-01 Deplete Resources
CAPEC-213: DEPRECATED: Directory Traversal
Attack Pattern ID: 213
Status: Deprecated
Description
This attack pattern has been deprecated as it is a duplicate of the existing attack pattern "
CAPEC-126 : Path Traversal". Please refer to this other CAPEC going forward.
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2015-12-07 CAPEC Content Team The MITRE Corporation Updated Related_Attack_Patterns 2017-01-09 CAPEC Content Team The MITRE Corporation Updated Related_Attack_Patterns 2017-08-04 CAPEC Content Team The MITRE Corporation Updated Attack_Motivation-Consequences, Attack_Prerequisites, Attacker_Skills_or_Knowledge_Required, Description Summary, Related_Attack_Patterns, Related_Vulnerabilities, Related_Weaknesses, Resources_Required, Solutions_and_Mitigations Previous Entry Names Change Date Previous Entry Name 2017-01-09 Directory Traversal
CAPEC-254: DEPRECATED: DTD Injection in a SOAP Message
Attack Pattern ID: 254
Status: Deprecated
Description
This pattern has been deprecated as it was determined to be an unnecessary layer of abstraction. Please refer to the pattern
CAPEC-228 : DTD Injection going forward.
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2017-05-01 CAPEC Content Team The MITRE Corporation Updated Description, Description Summary, Related_Attack_Patterns Previous Entry Names Change Date Previous Entry Name 2017-05-01 DTD Injection in a SOAP Message
CAPEC-566: DEPRECATED: Dump Password Hashes
Attack Pattern ID: 566
Status: Deprecated
Description
This CAPEC has been deprecated because of is not directly related to a weakness, social engineering, supply chains, or a physical-based attack.
Content History
Submissions Submission Date Submitter Organization 2015-11-09 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2019-04-04 CAPEC Content Team The MITRE Corporation Updated @Name, @Status, Description, Prerequisites, Related_Attack_Patterns Previous Entry Names Change Date Previous Entry Name 2019-04-04 Dump Password Hashes
CAPEC-264: DEPRECATED: Environment Variable Manipulation
Attack Pattern ID: 264
Status: Deprecated
Description
This attack pattern has been deprecated as it is a duplicate of the existing attack pattern "
CAPEC-13 : Subverting Environment Variable Values". Please refer to this other CAPEC going forward.
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2017-01-09 CAPEC Content Team The MITRE Corporation Updated Related_Attack_Patterns 2017-05-01 CAPEC Content Team The MITRE Corporation Updated Attack_Prerequisites, Description Summary, Related_Weaknesses, Resources_Required, Solutions_and_Mitigations Previous Entry Names Change Date Previous Entry Name 2017-05-01 Environment Variable Manipulation
CAPEC CATEGORY: DEPRECATED: Execute Code
Category ID: 525
Status: Deprecated
Summary
This category has been deprecated as it is no longer used in any view.
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2015-11-09 CAPEC Content Team The MITRE Corporation Updated Description, Relationships 2017-05-01 CAPEC Content Team The MITRE Corporation Updated Description, Relationships Previous Entry Names Change Date Previous Entry Name 2015-11-09 Malicious Code Execution 2017-05-01 Execute Code
CAPEC CATEGORY: DEPRECATED: Exploitation of Authorization
Category ID: 232
Status: Deprecated
Summary
This category has been deprecated as it is no longer used by any of the Views.
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2015-12-07 CAPEC Content Team The MITRE Corporation Updated Related_Weaknesses, Relationships 2017-01-09 CAPEC Content Team The MITRE Corporation Updated Relationships 2017-05-01 CAPEC Content Team The MITRE Corporation Updated Description Previous Entry Names Change Date Previous Entry Name 2017-05-01 Exploitation of Authorization
CAPEC-214: DEPRECATED: Fuzzing for garnering J2EE/.NET-based stack traces, for application mapping
Attack Pattern ID: 214
Status: Deprecated
Description
This attack pattern has been deprecated as it was merged into "
CAPEC-215 : Fuzzing for application mapping". Please refer to this other CAPEC going forward.
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2020-12-17 CAPEC Content Team The MITRE Corporation Updated @Name, @Status, Description, Prerequisites, Related_Attack_Patterns, Related_Weaknesses, Resources_Required, Typical_Severity Previous Entry Names Change Date Previous Entry Name 2020-12-17 Fuzzing for garnering J2EE/.NET-based stack traces, for application mapping
CAPEC CATEGORY: DEPRECATED: Gain Physical Access
Category ID: 436
Status: Deprecated
Summary
This category has been deprecated as it is no longer used in any view.
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2017-01-09 CAPEC Content Team The MITRE Corporation Updated Relationships 2017-05-01 CAPEC Content Team The MITRE Corporation Updated Description Previous Entry Names Change Date Previous Entry Name 2017-05-01 Gain Physical Access
CAPEC-265: DEPRECATED: Global variable manipulation
Attack Pattern ID: 265
Status: Deprecated
Description
This attack pattern has been deprecated as it is a duplicate of the existing attack pattern "
CAPEC-77 : Manipulating User-Controlled Variables". Please refer to this other CAPEC going forward.
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2017-01-09 CAPEC Content Team The MITRE Corporation Updated Related_Attack_Patterns 2017-05-01 CAPEC Content Team The MITRE Corporation Updated Attack_Prerequisites, Description Summary, Related_Weaknesses, Resources_Required, Solutions_and_Mitigations Previous Entry Names Change Date Previous Entry Name 2017-05-01 Global variable manipulation
CAPEC-288: DEPRECATED: ICMP Echo Request Ping
Attack Pattern ID: 288
Status: Deprecated
Description
This attack pattern has been deprecated as it is a duplicate of the existing attack pattern "
CAPEC-285 ". Please refer to this other CAPEC going forward.
Typical Severity
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2018-07-31 CAPEC Content Team The MITRE Corporation Updated Description Summary, References, Related_Attack_Patterns
CAPEC-316: DEPRECATED: ICMP Fingerprinting Probes
Attack Pattern ID: 316
Status: Deprecated
Description
This pattern has been deprecated as it was determined to be an unnecessary layer of abstraction. Please refer to the standard level pattern
CAPEC-312 : Active OS Fingerprinting going forward, or to any of the detailed patterns that are children of
CAPEC-312 .
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2017-05-01 CAPEC Content Team The MITRE Corporation Updated Attack_Motivation-Consequences, Attack_Prerequisites, Description Summary, References, Related_Attack_Patterns, Target_Attack_Surface, Target_Attack_Surface_Localities, Target_Attack_Surface_Types, Target_Functional_Services, Targeted_OSI_Layers, Typical_Severity 2018-07-31 CAPEC Content Team The MITRE Corporation Updated Description Summary Previous Entry Names Change Date Previous Entry Name 2017-05-01 ICMP Fingerprinting Probes
CAPEC-235: DEPRECATED: Implementing a callback to system routine (old AWT Queue)
Attack Pattern ID: 235
Status: Deprecated
Description
This attack pattern has been deprecated. Please refer to CAPEC:30 - Hijacking a Privileged Thread of Execution.
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2017-01-09 CAPEC Content Team The MITRE Corporation Updated Related_Attack_Patterns 2018-07-31 CAPEC Content Team The MITRE Corporation Updated Description, Description Summary, Related_Attack_Patterns Previous Entry Names Change Date Previous Entry Name 2018-07-31 Implementing a callback to system routine (old AWT Queue)
CAPEC-409: DEPRECATED: Information Gathering from Non-Traditional Sources
Attack Pattern ID: 409
Status: Deprecated
Description
This attack pattern has been deprecated as it was deemed not to be a legitimate attack pattern. Please refer to
CAPEC-118 : Collect and Analyze Information.
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2017-08-04 CAPEC Content Team The MITRE Corporation Updated Description Summary, Related_Attack_Patterns, Typical_Severity 2018-07-31 CAPEC Content Team The MITRE Corporation Updated Description Summary, References Previous Entry Names Change Date Previous Entry Name 2017-08-04 Information Gathering from Non-Traditional Sources
CAPEC-408: DEPRECATED: Information Gathering from Traditional Sources
Attack Pattern ID: 408
Status: Deprecated
Description
This attack pattern has been deprecated as it was deemed not to be a legitimate attack pattern. Please refer to
CAPEC-118 : Collect and Analyze Information.
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2017-08-04 CAPEC Content Team The MITRE Corporation Updated Description Summary, Related_Attack_Patterns, Typical_Severity 2018-07-31 CAPEC Content Team The MITRE Corporation Updated Description Summary, References Previous Entry Names Change Date Previous Entry Name 2017-08-04 Information Gathering from Traditional Sources
CAPEC-289: DEPRECATED: Infrastructure-based footprinting
Attack Pattern ID: 289
Status: Deprecated
Description
This attack pattern has been deprecated as it was determined to be an unnecessary layer of abstraction. Please refer to the meta level pattern
CAPEC-169 : going forward, or to any of its children patterns.
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2017-01-09 CAPEC Content Team The MITRE Corporation Updated Related_Attack_Patterns 2018-07-31 CAPEC Content Team The MITRE Corporation Updated Attack_Motivation-Consequences, Attack_Prerequisites, Description Summary, References, Resources_Required, Target_Attack_Surface, Target_Attack_Surface_Localities, Target_Attack_Surface_Types, Targeted_OSI_Layers, Typical_Severity
CAPEC-314: DEPRECATED: IP Fingerprinting Probes
Attack Pattern ID: 314
Status: Deprecated
Description
This pattern has been deprecated as it was determined to be an unnecessary layer of abstraction. Please refer to the standard level pattern
CAPEC-312 : Active OS Fingerprinting going forward, or to any of the detailed patterns that children of
CAPEC-312 .
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2017-05-01 CAPEC Content Team The MITRE Corporation Updated Attack_Motivation-Consequences, Attack_Prerequisites, Description Summary, References, Related_Attack_Patterns, Resources_Required, Target_Attack_Surface, Target_Attack_Surface_Localities, Target_Attack_Surface_Types, Target_Functional_Services, Targeted_OSI_Layers, Typical_Severity Previous Entry Names Change Date Previous Entry Name 2017-05-01 IP Fingerprinting Probes
CAPEC-211: DEPRECATED: Leveraging web tools (e.g. Mozilla's GreaseMonkey, Firebug) to change application behavior
Attack Pattern ID: 211
Status: Deprecated
Description
This attack pattern has been deprecated as it was deemed not to be a legitimate attack pattern.
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2015-12-07 CAPEC Content Team The MITRE Corporation Updated Related_Attack_Patterns 2017-05-01 CAPEC Content Team The MITRE Corporation Updated Attack_Prerequisites, Description Summary, References, Related_Attack_Patterns, Resources_Required, Typical_Severity 2018-07-31 CAPEC Content Team The MITRE Corporation Updated Description Summary Previous Entry Names Change Date Previous Entry Name 2017-05-01 Leveraging web tools (e.g. Mozilla's GreaseMonkey, Firebug) to change application behavior
CAPEC-205: DEPRECATED: Lifting credential(s)/key material embedded in client distributions (thick or thin)
Attack Pattern ID: 205
Status: Deprecated
Description
This attack pattern has been deprecated as it is a duplicate of
CAPEC-37 : Retrieve Embedded Sensitive Data. Please refer to this other pattern going forward.
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2015-11-09 CAPEC Content Team The MITRE Corporation Updated Related_Attack_Patterns 2017-05-01 CAPEC Content Team The MITRE Corporation Updated Architectural_Paradigms, Attack_Motivation-Consequences, Attack_Phases, Attack_Prerequisites, Attacker_Skills_or_Knowledge_Required, CIA_Impact, Description, Description Summary, Examples-Instances, Frameworks, Methods_of_Attack, Platforms, Purposes, Related_Attack_Patterns, Related_Vulnerabilities, Related_Weaknesses, Resources_Required, Solutions_and_Mitigations, Technical_Context, Typical_Likelihood_of_Exploit, Typical_Severity Previous Entry Names Change Date Previous Entry Name 2017-05-01 Lifting credential(s)/key material embedded in client distributions (thick or thin)
CAPEC-249: DEPRECATED: Linux Terminal Injection
Attack Pattern ID: 249
Status: Deprecated
Description
This attack pattern has been deprecated as it is covered by "
CAPEC-40 : Manipulating Writeable Terminal Devices". Please refer to this CAPEC going forward.
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2018-07-31 CAPEC Content Team The MITRE Corporation Updated Description Summary, References, Related_Attack_Patterns Previous Entry Names Change Date Previous Entry Name 2018-07-31 Linux Terminal Injection
CAPEC-453: DEPRECATED: Malicious Logic Insertion via Counterfeit Hardware
Attack Pattern ID: 453
Status: Deprecated
Description
This attack pattern has been deprecated as it is a duplicate of
CAPEC-452 : Malicious Logic Insertion into Product Hardware. Please refer to this other pattern going forward.
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2015-11-09 CAPEC Content Team The MITRE Corporation Updated Related_Attack_Patterns 2017-05-01 CAPEC Content Team The MITRE Corporation Updated Description Summary, References, Related_Attack_Patterns Previous Entry Names Change Date Previous Entry Name 2017-05-01 Malicious Logic Insertion via Counterfeit Hardware
CAPEC-455: DEPRECATED: Malicious Logic Insertion via Inclusion of Counterfeit Hardware Components
Attack Pattern ID: 455
Status: Deprecated
Description
This attack pattern has been deprecated as it is a duplicate of
CAPEC-457 : Malicious Logic Insertion into Product Hardware. Please refer to this other pattern going forward.
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2015-11-09 CAPEC Content Team The MITRE Corporation Updated Related_Attack_Patterns 2017-05-01 CAPEC Content Team The MITRE Corporation Updated Attack_Prerequisites, Description Summary, Examples-Instances, References, Related_Attack_Patterns Previous Entry Names Change Date Previous Entry Name 2017-05-01 Malicious Logic Insertion via Inclusion of Counterfeit Hardware Components
CAPEC-451: DEPRECATED: Malware Propagation via Infected Peripheral Device
Attack Pattern ID: 451
Status: Deprecated
Description
This attack pattern has been deprecated as it is a duplicate of
CAPEC-448 : Malware Infection into Product Software. Please refer to this other pattern going forward.
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2015-11-09 CAPEC Content Team The MITRE Corporation Updated Related_Attack_Patterns 2017-05-01 CAPEC Content Team The MITRE Corporation Updated Description Summary, Related_Attack_Patterns 2018-07-31 CAPEC Content Team The MITRE Corporation Updated References Previous Entry Names Change Date Previous Entry Name 2017-05-01 Malware Propagation via Infected Peripheral Device
CAPEC-449: DEPRECATED: Malware Propagation via USB Stick
Attack Pattern ID: 449
Status: Deprecated
Description
This attack pattern has been deprecated as it is a duplicate of
CAPEC-448 : Malware Infection into Product Software. Please refer to this other pattern going forward.
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2015-11-09 CAPEC Content Team The MITRE Corporation Updated Related_Attack_Patterns 2017-05-01 CAPEC Content Team The MITRE Corporation Updated Attack_Prerequisites, Description Summary, Examples-Instances, References, Related_Attack_Patterns Previous Entry Names Change Date Previous Entry Name 2017-05-01 Malware Propagation via USB Stick
CAPEC-450: DEPRECATED: Malware Propagation via USB U3 Autorun
Attack Pattern ID: 450
Status: Deprecated
Description
This attack pattern has been deprecated as it is a duplicate of
CAPEC-448 : Malware Infection into Product Software. Please refer to this other pattern going forward.
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2015-11-09 CAPEC Content Team The MITRE Corporation Updated Related_Attack_Patterns 2017-05-01 CAPEC Content Team The MITRE Corporation Updated Description Summary, References, Related_Attack_Patterns Previous Entry Names Change Date Previous Entry Name 2017-05-01 Malware Propagation via USB U3 Autorun
CAPEC-266: DEPRECATED: Manipulate Canonicalization
Attack Pattern ID: 266
Status: Deprecated
Description
This attack pattern has been deprecated.
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2017-01-09 CAPEC Content Team The MITRE Corporation Updated Related_Attack_Patterns 2017-05-01 CAPEC Content Team The MITRE Corporation Updated Description, Description Summary Previous Entry Names Change Date Previous Entry Name 2017-05-01 Manipulate Canonicalization
CAPEC CATEGORY: DEPRECATED: Manipulate System Users
Category ID: 527
Status: Deprecated
Summary
This category has been deprecated as it is no longer used in any view.
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2017-05-01 CAPEC Content Team The MITRE Corporation Updated Description 2017-08-04 CAPEC Content Team The MITRE Corporation Updated Relationships Previous Entry Names Change Date Previous Entry Name 2017-05-01 Manipulate System Users
CAPEC-454: DEPRECATED: Modification of Existing Components with Counterfeit Hardware
Attack Pattern ID: 454
Status: Deprecated
Description
This attack pattern has been deprecated as it is a duplicate of
CAPEC-452 : Malicious Logic Insertion into Product Hardware. Please refer to this other pattern going forward.
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2015-11-09 CAPEC Content Team The MITRE Corporation Updated Related_Attack_Patterns 2017-05-01 CAPEC Content Team The MITRE Corporation Updated Attack_Prerequisites, Description Summary, References, Related_Attack_Patterns Previous Entry Names Change Date Previous Entry Name 2017-05-01 Modification of Existing Components with Counterfeit Hardware
CAPEC-567: DEPRECATED: Obtain Data via Utilities
Attack Pattern ID: 567
Status: Deprecated
Description
This CAPEC has been deprecated because it is not directly related to a weakness, social engineering, supply chains, or a physical-based attack.
Content History
Submissions Submission Date Submitter Organization 2015-11-09 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2018-07-31 CAPEC Content Team The MITRE Corporation Updated Description Summary, References, Related_Attack_Patterns 2020-07-30 CAPEC Content Team The MITRE Corporation Updated Description Previous Entry Names Change Date Previous Entry Name 2018-07-31 Obtain Data via Utilities
CAPEC-311: DEPRECATED: OS Fingerprinting
Attack Pattern ID: 311
Status: Deprecated
Description
This pattern has been deprecated as it was determined to be an unnecessary layer of abstraction. Please refer to the standard level patterns
CAPEC-312 : Active OS Fingerprinting or
CAPEC-313 : Passive OS Fingerprinting going forward, or to any of the detailed patterns that are children of them.
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2015-11-09 CAPEC Content Team The MITRE Corporation Updated References 2017-05-01 CAPEC Content Team The MITRE Corporation Updated Attack_Motivation-Consequences, Attack_Prerequisites, Description Summary, References, Related_Attack_Patterns, Resources_Required, Target_Attack_Surface, Target_Attack_Surface_Localities, Target_Attack_Surface_Types, Target_Functional_Services, Targeted_OSI_Layers, Typical_Severity 2018-07-31 CAPEC Content Team The MITRE Corporation Updated Description Summary Previous Entry Names Change Date Previous Entry Name 2017-05-01 OS Fingerprinting
CAPEC-258: DEPRECATED: Passively Sniffing and Capturing Application Code Bound for an Authorized Client During Dynamic Update
Attack Pattern ID: 258
Status: Deprecated
Description
This attack pattern has been deprecated as it is a duplicate of the existing attack pattern "
CAPEC-65 : Sniff Application Code". Please refer to this other CAPEC going forward.
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2017-01-09 CAPEC Content Team The MITRE Corporation Updated Related_Attack_Patterns 2017-08-04 CAPEC Content Team The MITRE Corporation Updated Architectural_Paradigms, Attack_Motivation-Consequences, Attack_Phases, Attack_Prerequisites, Attacker_Skills_or_Knowledge_Required, CIA_Impact, Description, Description Summary, Examples-Instances, Frameworks, Languages, Methods_of_Attack, Platforms, Purposes, Related_Attack_Patterns, Related_Weaknesses, Resources_Required, Solutions_and_Mitigations, Technical_Context, Typical_Likelihood_of_Exploit, Typical_Severity Previous Entry Names Change Date Previous Entry Name 2017-01-09 Passively Sniffing and Capturing Application Code Bound for an Authorized Client During Dynamic Update
CAPEC-260: DEPRECATED: Passively Sniffing and Capturing Application Code Bound for an Authorized Client During Initial Distribution
Attack Pattern ID: 260
Status: Deprecated
Description
This attack pattern has been deprecated as it is a duplicate of the existing attack pattern "
CAPEC-65 : Sniff Application Code". Please refer to this other CAPEC going forward.
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2017-01-09 CAPEC Content Team The MITRE Corporation Updated Related_Attack_Patterns 2017-08-04 CAPEC Content Team The MITRE Corporation Updated Architectural_Paradigms, Attack_Motivation-Consequences, Attack_Phases, Attack_Prerequisites, Attacker_Skills_or_Knowledge_Required, CIA_Impact, Description, Description Summary, Examples-Instances, Frameworks, Languages, Methods_of_Attack, Platforms, Purposes, Related_Attack_Patterns, Related_Weaknesses, Resources_Required, Solutions_and_Mitigations, Technical_Context, Typical_Likelihood_of_Exploit, Typical_Severity Previous Entry Names Change Date Previous Entry Name 2017-01-09 Passively Sniffing and Capturing Application Code Bound for an Authorized Client During Initial Distribution
CAPEC-259: DEPRECATED: Passively Sniffing and Capturing Application Code Bound for an Authorized Client During Patching
Attack Pattern ID: 259
Status: Deprecated
Description
This attack pattern has been deprecated as it is a duplicate of the existing attack pattern "
CAPEC-65 : Sniff Application Code". Please refer to this other CAPEC going forward.
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2017-01-09 CAPEC Content Team The MITRE Corporation Updated Related_Attack_Patterns 2017-08-04 CAPEC Content Team The MITRE Corporation Updated Architectural_Paradigms, Attack_Motivation-Consequences, Attack_Phases, Attack_Prerequisites, Attacker_Skills_or_Knowledge_Required, CIA_Impact, Description, Description Summary, Examples-Instances, Frameworks, Languages, Methods_of_Attack, Platforms, Purposes, Related_Attack_Patterns, Related_Weaknesses, Resources_Required, Solutions_and_Mitigations, Technical_Context, Typical_Likelihood_of_Exploit, Typical_Severity Previous Entry Names Change Date Previous Entry Name 2017-01-09 Passively Sniffing and Capturing Application Code Bound for an Authorized Client During Patching
CAPEC-411: DEPRECATED: Pretexting
Attack Pattern ID: 411
Status: Deprecated
Description
This attack pattern has been deprecated as it is a duplicate of the existing attack pattern "
CAPEC-407 : Social Information Gathering via Pretexting". Please refer to this other CAPEC going forward.
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2017-08-04 CAPEC Content Team The MITRE Corporation Updated Description Summary, References, Related_Attack_Patterns, Typical_Severity
CAPEC CATEGORY: DEPRECATED: Reconnaissance
Category ID: 286
Status: Deprecated
Summary
This category has been deprecated as it is no longer used in any view.
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2017-01-09 CAPEC Content Team The MITRE Corporation Updated Relationships 2017-05-01 CAPEC Content Team The MITRE Corporation Updated Description Previous Entry Names Change Date Previous Entry Name 2017-05-01 Reconnaissance
CAPEC-269: DEPRECATED: Registry Manipulation
Attack Pattern ID: 269
Status: Deprecated
Description
This pattern has been deprecated as it was determined to be a duplicate of another pattern. Please refer to the pattern
CAPEC-203 : Manipulate Application Registry Values going forward.
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2017-05-01 CAPEC Content Team The MITRE Corporation Updated Description, Description Summary, Related_Attack_Patterns
CAPEC-56: DEPRECATED: Removing/short-circuiting 'guard logic'
Attack Pattern ID: 56
Status: Deprecated
Description
This attack pattern has been deprecated as it is a duplicate of
CAPEC-207 : Removing Important Client Functionality. Please refer to this other pattern going forward.
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2015-12-07 CAPEC Content Team The MITRE Corporation Updated Related_Attack_Patterns 2017-05-01 CAPEC Content Team The MITRE Corporation Updated Activation_Zone, Architectural_Paradigms, Attack_Motivation-Consequences, Attack_Phases, Attack_Prerequisites, Attacker_Skills_or_Knowledge_Required, CIA_Impact, Description, Description Summary, Examples-Instances, Frameworks, Injection_Vector, Languages, Payload, Payload_Activation_Impact, Platforms, Probing_Techniques, Purposes, Related_Attack_Patterns, Related_Guidelines, Related_Security_Principles, Related_Vulnerabilities, Related_Weaknesses, Resources_Required, Technical_Context, Typical_Likelihood_of_Exploit, Typical_Severity Previous Entry Names Change Date Previous Entry Name 2017-05-01 Removing/short-circuiting 'guard logic'
CAPEC-557: DEPRECATED: Schedule Software To Run
Attack Pattern ID: 557
Status: Deprecated
Description
This CAPEC has been deprecated because it is not directly related to a weakness, social engineering, supply chains, or a physical-based attack.
Content History
Submissions Submission Date Submitter Organization 2015-11-09 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2018-07-31 CAPEC Content Team The MITRE Corporation Updated Description Summary, References, Related_Attack_Patterns, Solutions_and_Mitigations 2020-07-30 CAPEC Content Team The MITRE Corporation Updated Description Previous Entry Names Change Date Previous Entry Name 2018-07-31 Schedule Software To Run
CAPEC-570: DEPRECATED: Signature-Based Avoidance
Attack Pattern ID: 570
Status: Deprecated
Description
This CAPEC has been deprecated because it is not directly related to a weakness, social engineering, supply chains, or a physical-based attack.
Content History
Submissions Submission Date Submitter Organization 2015-11-09 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2018-07-31 CAPEC Content Team The MITRE Corporation Updated Description Summary, References, Related_Attack_Patterns, Solutions_and_Mitigations 2020-07-30 CAPEC Content Team The MITRE Corporation Updated Description Previous Entry Names Change Date Previous Entry Name 2018-07-31 Signature-Based Avoidance
CAPEC-280: DEPRECATED: SOAP Parameter Tampering
Attack Pattern ID: 280
Status: Deprecated
Description
This attack pattern has been deprecated as its contents have been included in
CAPEC-279 : SOAP Manipulation. Please refer to this other pattern going forward.
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2018-07-31 CAPEC Content Team The MITRE Corporation Updated Attack_Prerequisites, Description Summary, References, Related_Attack_Patterns, Resources_Required, Typical_Severity Previous Entry Names Change Date Previous Entry Name 2018-07-31 SOAP Parameter Tampering
CAPEC-404: DEPRECATED: Social Information Gathering Attacks
Attack Pattern ID: 404
Status: Deprecated
Description
This attack pattern has been deprecated as it was deemed not to be a legitimate attack pattern. Please refer to
CAPEC-118 : Collect and Analyze Information.
References
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2017-08-04 CAPEC Content Team The MITRE Corporation Updated Description Summary, Typical_Severity 2018-07-31 CAPEC Content Team The MITRE Corporation Updated Description Summary Previous Entry Names Change Date Previous Entry Name 2017-08-04 Social Information Gathering Attacks
CAPEC-405: DEPRECATED: Social Information Gathering via Research
Attack Pattern ID: 405
Status: Deprecated
Description
This attack pattern has been deprecated as it was deemed not to be a legitimate attack pattern. Please refer to
CAPEC-118 : Collect and Analyze Information.
References
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2017-08-04 CAPEC Content Team The MITRE Corporation Updated Description Summary, Related_Attack_Patterns, Typical_Severity 2018-07-31 CAPEC Content Team The MITRE Corporation Updated Description Summary Previous Entry Names Change Date Previous Entry Name 2017-08-04 Social Information Gathering via Research
CAPEC-239: DEPRECATED: Subversion of Authorization Checks: Cache Filtering, Programmatic Security, etc.
Attack Pattern ID: 239
Status: Deprecated
Description
This attack pattern has been deprecated as it did not contain any content and did not serve any useful purpose. Please refer to "
CAPEC-207 : removing Important Client Functionality" going forward.
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2015-12-07 CAPEC Content Team The MITRE Corporation Updated Related_Attack_Patterns 2018-07-31 CAPEC Content Team The MITRE Corporation Updated Description, Description Summary 2019-04-04 CAPEC Content Team The MITRE Corporation Updated @Name, @Status, Description, Related_Attack_Patterns Previous Entry Names Change Date Previous Entry Name 2018-07-31 Subversion of authorization checks: cache filtering, programmatic security, etc. 2019-04-04 Subversion of Authorization Checks: Cache Filtering, Programmatic Security, etc.
CAPEC-419: DEPRECATED: Target Influence via Perception of Concession
Attack Pattern ID: 419
Status: Deprecated
Description
This attack pattern has been deprecated as it was deemed not to be a legitimate pattern.
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2017-08-04 CAPEC Content Team The MITRE Corporation Updated Description Summary, References, Related_Attack_Patterns, Typical_Severity Previous Entry Names Change Date Previous Entry Name 2017-08-04 Target Influence via Perception of Concession
CAPEC-315: DEPRECATED: TCP/IP Fingerprinting Probes
Attack Pattern ID: 315
Status: Deprecated
Description
This pattern has been deprecated as it was determined to be an unnecessary layer of abstraction. Please refer to the standard level pattern
CAPEC-312 : Active OS Fingerprinting going forward, or to any of the detailed patterns that are children of
CAPEC-312 .
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2017-05-01 CAPEC Content Team The MITRE Corporation Updated Attack_Motivation-Consequences, Attack_Prerequisites, Description Summary, References, Related_Attack_Patterns, Target_Attack_Surface, Target_Attack_Surface_Localities, Target_Attack_Surface_Types, Target_Functional_Services, Targeted_OSI_Layers, Typical_Severity 2018-07-31 CAPEC Content Team The MITRE Corporation Updated Description Summary Previous Entry Names Change Date Previous Entry Name 2017-05-01 TCP/IP Fingerprinting Probes
CAPEC-238: DEPRECATED: Using URL/codebase / G.A.C. (code source) to convince sandbox of privilege
Attack Pattern ID: 238
Status: Deprecated
Description
This attack pattern has been deprecated as it did not appear to be a valid attack pattern.
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2018-07-31 CAPEC Content Team The MITRE Corporation Updated Description, Description Summary, Related_Attack_Patterns Previous Entry Names Change Date Previous Entry Name 2018-07-31 Using URL/codebase / G.A.C. (code source) to convince sandbox of privilege
CAPEC-171: DEPRECATED: Variable Manipulation
Attack Pattern ID: 171
Status: Deprecated
Description
This attack pattern has been deprecated as it is a duplicate of the existing attack pattern "
CAPEC-77 : Manipulating User-Controlled Variables". Please refer to this other CAPEC going forward.
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2017-01-09 CAPEC Content Team The MITRE Corporation Updated Related_Attack_Patterns 2017-05-01 CAPEC Content Team The MITRE Corporation Updated Attack_Prerequisites, Description Summary, Related_Weaknesses, Resources_Required, Solutions_and_Mitigations, Typical_Severity Previous Entry Names Change Date Previous Entry Name 2017-05-01 Variable Manipulation
CAPEC-82: DEPRECATED: Violating Implicit Assumptions Regarding XML Content (aka XML Denial of Service (XDoS))
Attack Pattern ID: 82
Status: Deprecated
Description
This attack pattern has been deprecated as it a generalization of
CAPEC-230 : XML Nested Payloads,
CAPEC-231 : XML Oversized Payloads, and
CAPEC-147 : XML Ping of Death. Please refer to these CAPECs going forward.
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2018-07-31 CAPEC Content Team The MITRE Corporation Updated Description, Description Summary 2019-09-30 CAPEC Content Team The MITRE Corporation Updated @Name, @Status, Consequences, Description, Example_Instances, Likelihood_Of_Attack, Mitigations, Prerequisites, Related_Weaknesses, Skills_Required, Typical_Severity Previous Entry Names Change Date Previous Entry Name 2019-09-30 Violating Implicit Assumptions Regarding XML Content (aka XML Denial of Service (XDoS))
CAPEC CATEGORY: DEPRECATED: WASC Threat Classification 2.0 - WASC-01 - Insufficient Authentication
Category ID: 334
Status: Deprecated
Summary
This category is related to the WASC Threat Classification 2.0 item Insufficient Authentication
References
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation
CAPEC CATEGORY: DEPRECATED: WASC Threat Classification 2.0 - WASC-02 - Insufficient Authorization
Category ID: 335
Status: Deprecated
Summary
This category is related to the WASC Threat Classification 2.0 item Insufficient Authorization
References
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation
CAPEC CATEGORY: DEPRECATED: WASC Threat Classification 2.0 - WASC-04 - Insufficient Transport Layer Protection
Category ID: 337
Status: Deprecated
Summary
This category is related to the WASC Threat Classification 2.0 item Insufficient Transport Layer Protection
References
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation
CAPEC CATEGORY: DEPRECATED: WASC Threat Classification 2.0 - WASC-13 - Information Leakage
Category ID: 346
Status: Deprecated
Summary
This category is related to the WASC Threat Classification 2.0 item Information Leakage
References
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation
CAPEC CATEGORY: DEPRECATED: WASC Threat Classification 2.0 - WASC-14 - Server Misconfiguration
Category ID: 347
Status: Deprecated
Summary
This category is related to the WASC Threat Classification 2.0 item Server Misconfiguration
References
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation
CAPEC CATEGORY: DEPRECATED: WASC Threat Classification 2.0 - WASC-15 - Application Misconfiguration
Category ID: 348
Status: Deprecated
Summary
This category is related to the WASC Threat Classification 2.0 item Application Misconfiguration
References
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation
CAPEC CATEGORY: DEPRECATED: WASC Threat Classification 2.0 - WASC-16 - Directory Indexing
Category ID: 349
Status: Deprecated
Summary
This category is related to the WASC Threat Classification 2.0 item Directory Indexing
References
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation
CAPEC CATEGORY: DEPRECATED: WASC Threat Classification 2.0 - WASC-17 - Improper Filesystem Permissions
Category ID: 350
Status: Deprecated
Summary
This category is related to the WASC Threat Classification 2.0 item Improper Filesystem Permissions
References
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation
CAPEC CATEGORY: DEPRECATED: WASC Threat Classification 2.0 - WASC-20 - Improper Input Handling
Category ID: 353
Status: Deprecated
Summary
This category is related to the WASC Threat Classification 2.0 item Improper Input Handling
References
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation
CAPEC CATEGORY: DEPRECATED: WASC Threat Classification 2.0 - WASC-21 - Insufficient Anti-automation
Category ID: 354
Status: Deprecated
Summary
This category is related to the WASC Threat Classification 2.0 item Insufficient Anti-automation
References
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation
CAPEC CATEGORY: DEPRECATED: WASC Threat Classification 2.0 - WASC-22 - Improper Output Handling
Category ID: 355
Status: Deprecated
Summary
This category is related to the WASC Threat Classification 2.0 item Improper Output Handling
References
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation
CAPEC CATEGORY: DEPRECATED: WASC Threat Classification 2.0 - WASC-40 - Insufficient Process Validation
Category ID: 373
Status: Deprecated
Summary
This category is related to the WASC Threat Classification 2.0 item Insufficient Process Validation
References
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation
CAPEC CATEGORY: DEPRECATED: WASC Threat Classification 2.0 - WASC-47 - Insufficient Session Expiration
Category ID: 380
Status: Deprecated
Summary
This category is related to the WASC Threat Classification 2.0 item Insufficient Session Expiration
References
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation
CAPEC CATEGORY: DEPRECATED: WASC Threat Classification 2.0 - WASC-48 - Insecure Indexing
Category ID: 381
Status: Deprecated
Summary
This category is related to the WASC Threat Classification 2.0 item Insecure Indexing
References
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation
CAPEC CATEGORY: DEPRECATED: WASC Threat Classification 2.0 - WASC-49 - Insufficient Password Recovery
Category ID: 382
Status: Deprecated
Summary
This category is related to the WASC Threat Classification 2.0 item Insufficient Password Recovery
References
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation
CAPEC CATEGORY: DEPRECATED: WASC-03 - Integer Overflows
Category ID: 336
Status: Deprecated
Summary
This category is related to the WASC Threat Classification 2.0 item Integer Overflows
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2020-12-17 CAPEC Content Team The MITRE Corporation Updated @Name, @Status, References, Relationships Previous Entry Names Change Date Previous Entry Name 2020-12-17 WASC-03 - Integer Overflows
CAPEC CATEGORY: DEPRECATED: WASC-05 - Remote File Inclusion
Category ID: 338
Status: Deprecated
Summary
This category is related to the WASC Threat Classification 2.0 item Remote File Inclusion
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2020-12-17 CAPEC Content Team The MITRE Corporation Updated @Name, @Status, References, Relationships Previous Entry Names Change Date Previous Entry Name 2020-12-17 WASC-05 - Remote File Inclusion
CAPEC CATEGORY: DEPRECATED: WASC-06 - Format String
Category ID: 339
Status: Deprecated
Summary
This category is related to the WASC Threat Classification 2.0 item Format String
Membership
Nature Type ID Name HasMember Detailed Attack Pattern - A detailed level attack pattern in CAPEC provides a low level of detail, typically leveraging a specific technique and targeting a specific technology, and expresses a complete execution flow. Detailed attack patterns are more specific than meta attack patterns and standard attack patterns and often require a specific protection mechanism to mitigate actual attacks. A detailed level attack pattern often will leverage a number of different standard level attack patterns chained together to accomplish a goal. 67 String Format Overflow in syslog()
References
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2017-01-09 CAPEC Content Team The MITRE Corporation Updated Relationships 2017-08-04 CAPEC Content Team The MITRE Corporation Updated Relationships 2020-12-17 CAPEC Content Team The MITRE Corporation Updated @Name, @Status Previous Entry Names Change Date Previous Entry Name 2020-12-17 WASC-06 - Format String
CAPEC CATEGORY: DEPRECATED: WASC-07 - Buffer Overflow
Category ID: 340
Status: Deprecated
Summary
This category is related to the WASC Threat Classification 2.0 item Buffer Overflow
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2017-01-09 CAPEC Content Team The MITRE Corporation Updated Relationships 2017-08-04 CAPEC Content Team The MITRE Corporation Updated Relationships 2020-12-17 CAPEC Content Team The MITRE Corporation Updated @Name, @Status, References, Relationships Previous Entry Names Change Date Previous Entry Name 2020-12-17 WASC-07 - Buffer Overflow
CAPEC CATEGORY: DEPRECATED: WASC-08 - Cross-Site Scripting
Category ID: 341
Status: Deprecated
Summary
This category is related to the WASC Threat Classification 2.0 item Cross-Site Scripting
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2017-05-01 CAPEC Content Team The MITRE Corporation Updated Relationships 2020-12-17 CAPEC Content Team The MITRE Corporation Updated @Name, @Status, References, Relationships Previous Entry Names Change Date Previous Entry Name 2020-12-17 WASC-08 - Cross-Site Scripting
CAPEC CATEGORY: DEPRECATED: WASC-09 - Cross-Site Request Forgery
Category ID: 342
Status: Deprecated
Summary
This category is related to the WASC Threat Classification 2.0 item Cross-Site Request Forgery
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2017-08-04 CAPEC Content Team The MITRE Corporation Updated Relationships 2020-12-17 CAPEC Content Team The MITRE Corporation Updated @Name, @Status, References, Relationships Previous Entry Names Change Date Previous Entry Name 2020-12-17 WASC-09 - Cross-Site Request Forgery
CAPEC CATEGORY: DEPRECATED: WASC-10 - Denial of Service
Category ID: 343
Status: Deprecated
Summary
This category is related to the WASC Threat Classification 2.0 item Denial of Service - see view 333
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2017-01-09 CAPEC Content Team The MITRE Corporation Updated Relationships 2020-12-17 CAPEC Content Team The MITRE Corporation Updated @Name, @Status, References, Relationships, Summary Previous Entry Names Change Date Previous Entry Name 2020-12-17 WASC-10 - Denial of Service
CAPEC CATEGORY: DEPRECATED: WASC-11 - Brute Force
Category ID: 344
Status: Deprecated
Summary
This category is related to the WASC Threat Classification 2.0 item Brute Force
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2017-08-04 CAPEC Content Team The MITRE Corporation Updated Relationships 2020-12-17 CAPEC Content Team The MITRE Corporation Updated @Name, @Status, References, Relationships Previous Entry Names Change Date Previous Entry Name 2020-12-17 WASC-11 - Brute Force
CAPEC CATEGORY: DEPRECATED: WASC-12 - Content Spoofing
Category ID: 345
Status: Deprecated
Summary
This category is related to the WASC Threat Classification 2.0 item Content Spoofing
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2017-08-04 CAPEC Content Team The MITRE Corporation Updated Relationships 2020-12-17 CAPEC Content Team The MITRE Corporation Updated @Name, @Status, References, Relationships Previous Entry Names Change Date Previous Entry Name 2020-12-17 WASC-12 - Content Spoofing
CAPEC CATEGORY: DEPRECATED: WASC-18 - Credential/Session Prediction
Category ID: 351
Status: Deprecated
Summary
This category is related to the WASC Threat Classification 2.0 item Credential/Session Prediction
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2017-08-04 CAPEC Content Team The MITRE Corporation Updated Relationships 2020-12-17 CAPEC Content Team The MITRE Corporation Updated @Name, @Status, References, Relationships Previous Entry Names Change Date Previous Entry Name 2020-12-17 WASC-18 - Credential/Session Prediction
CAPEC CATEGORY: DEPRECATED: WASC-19 - SQL Injection
Category ID: 352
Status: Deprecated
Summary
This category is related to the WASC Threat Classification 2.0 item SQL Injection
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2020-12-17 CAPEC Content Team The MITRE Corporation Updated @Name, @Status, References, Relationships Previous Entry Names Change Date Previous Entry Name 2020-12-17 WASC-19 - SQL Injection
CAPEC CATEGORY: DEPRECATED: WASC-23 - XML Injection
Category ID: 356
Status: Deprecated
Summary
This category is related to the WASC Threat Classification 2.0 item XML Injection
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2020-12-17 CAPEC Content Team The MITRE Corporation Updated @Name, @Status, References, Relationships Previous Entry Names Change Date Previous Entry Name 2020-12-17 WASC-23 - XML Injection
CAPEC CATEGORY: DEPRECATED: WASC-24 - HTTP Request Splitting
Category ID: 357
Status: Deprecated
Summary
This category is related to the WASC Threat Classification 2.0 item HTTP Request Splitting
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2017-08-04 CAPEC Content Team The MITRE Corporation Updated Relationships 2020-12-17 CAPEC Content Team The MITRE Corporation Updated @Name, @Status, References, Relationships Previous Entry Names Change Date Previous Entry Name 2020-12-17 WASC-24 - HTTP Request Splitting
CAPEC CATEGORY: DEPRECATED: WASC-25 - HTTP Response Splitting
Category ID: 358
Status: Deprecated
Summary
This category is related to the WASC Threat Classification 2.0 item HTTP Response Splitting
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2017-08-04 CAPEC Content Team The MITRE Corporation Updated Relationships 2020-12-17 CAPEC Content Team The MITRE Corporation Updated @Name, @Status, References, Relationships Previous Entry Names Change Date Previous Entry Name 2020-12-17 WASC-25 - HTTP Response Splitting
CAPEC CATEGORY: DEPRECATED: WASC-26 - HTTP Request Smuggling
Category ID: 359
Status: Deprecated
Summary
This category is related to the WASC Threat Classification 2.0 item HTTP Request Smuggling
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2017-08-04 CAPEC Content Team The MITRE Corporation Updated Relationships 2020-12-17 CAPEC Content Team The MITRE Corporation Updated @Name, @Status, References, Relationships Previous Entry Names Change Date Previous Entry Name 2020-12-17 WASC-26 - HTTP Request Smuggling
CAPEC CATEGORY: DEPRECATED: WASC-27 - HTTP Response Smuggling
Category ID: 360
Status: Deprecated
Summary
This category is related to the WASC Threat Classification 2.0 item HTTP Response Smuggling
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2017-08-04 CAPEC Content Team The MITRE Corporation Updated Relationships 2020-12-17 CAPEC Content Team The MITRE Corporation Updated @Name, @Status, References, Relationships Previous Entry Names Change Date Previous Entry Name 2020-12-17 WASC-27 - HTTP Response Smuggling
CAPEC CATEGORY: DEPRECATED: WASC-28 - Null Byte Injection
Category ID: 361
Status: Deprecated
Summary
This category is related to the WASC Threat Classification 2.0 item Null Byte Injection
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2017-08-04 CAPEC Content Team The MITRE Corporation Updated Relationships 2020-12-17 CAPEC Content Team The MITRE Corporation Updated @Name, @Status, References, Relationships Previous Entry Names Change Date Previous Entry Name 2020-12-17 WASC-28 - Null Byte Injection
CAPEC CATEGORY: DEPRECATED: WASC-29 - LDAP Injection
Category ID: 362
Status: Deprecated
Summary
This category is related to the WASC Threat Classification 2.0 item LDAP Injection
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2017-08-04 CAPEC Content Team The MITRE Corporation Updated Relationships 2020-12-17 CAPEC Content Team The MITRE Corporation Updated @Name, @Status, References, Relationships Previous Entry Names Change Date Previous Entry Name 2020-12-17 WASC-29 - LDAP Injection
CAPEC CATEGORY: DEPRECATED: WASC-30 - Mail Command Injection
Category ID: 363
Status: Deprecated
Summary
This category is related to the WASC Threat Classification 2.0 item Mail Command Injection
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2017-08-04 CAPEC Content Team The MITRE Corporation Updated Relationships 2020-12-17 CAPEC Content Team The MITRE Corporation Updated @Name, @Status, References, Relationships Previous Entry Names Change Date Previous Entry Name 2020-12-17 WASC-30 - Mail Command Injection
CAPEC CATEGORY: DEPRECATED: WASC-31 - OS Commanding
Category ID: 364
Status: Deprecated
Summary
This category is related to the WASC Threat Classification 2.0 item OS Commanding
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2020-12-17 CAPEC Content Team The MITRE Corporation Updated @Name, @Status, References, Relationships Previous Entry Names Change Date Previous Entry Name 2020-12-17 WASC-31 - OS Commanding
CAPEC CATEGORY: DEPRECATED: WASC-32 - Routing Detour
Category ID: 365
Status: Deprecated
Summary
This category is related to the WASC Threat Classification 2.0 item Routing Detour
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2017-08-04 CAPEC Content Team The MITRE Corporation Updated Relationships 2020-12-17 CAPEC Content Team The MITRE Corporation Updated @Name, @Status, References, Relationships Previous Entry Names Change Date Previous Entry Name 2020-12-17 WASC-32 - Routing Detour
CAPEC CATEGORY: DEPRECATED: WASC-33 - Path Traversal
Category ID: 366
Status: Deprecated
Summary
This category is related to the WASC Threat Classification 2.0 item Path Traversal
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2020-12-17 CAPEC Content Team The MITRE Corporation Updated @Name, @Status, References, Relationships Previous Entry Names Change Date Previous Entry Name 2020-12-17 WASC-33 - Path Traversal
CAPEC CATEGORY: DEPRECATED: WASC-34 - Predictable Resource Location
Category ID: 367
Status: Deprecated
Summary
This category is related to the WASC Threat Classification 2.0 item Predictable Resource Location
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2017-08-04 CAPEC Content Team The MITRE Corporation Updated Relationships 2020-12-17 CAPEC Content Team The MITRE Corporation Updated @Name, @Status, References, Relationships Previous Entry Names Change Date Previous Entry Name 2020-12-17 WASC-34 - Predictable Resource Location
CAPEC CATEGORY: DEPRECATED: WASC-35 - SOAP Array Abuse
Category ID: 368
Status: Deprecated
Summary
This category is related to the WASC Threat Classification 2.0 item SOAP Array Abuse
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2017-08-04 CAPEC Content Team The MITRE Corporation Updated Relationships 2020-12-17 CAPEC Content Team The MITRE Corporation Updated @Name, @Status, References, Relationships Previous Entry Names Change Date Previous Entry Name 2020-12-17 WASC-35 - SOAP Array Abuse
CAPEC CATEGORY: DEPRECATED: WASC-36 - SSI Injection
Category ID: 369
Status: Deprecated
Summary
This category is related to the WASC Threat Classification 2.0 item SSI Injection
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2020-12-17 CAPEC Content Team The MITRE Corporation Updated @Name, @Status, References, Relationships Previous Entry Names Change Date Previous Entry Name 2020-12-17 WASC-36 - SSI Injection
CAPEC CATEGORY: DEPRECATED: WASC-37 - Session Fixation
Category ID: 370
Status: Deprecated
Summary
This category is related to the WASC Threat Classification 2.0 item Session Fixation
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2017-05-01 CAPEC Content Team The MITRE Corporation Updated Relationships 2020-12-17 CAPEC Content Team The MITRE Corporation Updated @Name, @Status, References, Relationships Previous Entry Names Change Date Previous Entry Name 2020-12-17 WASC-37 - Session Fixation
CAPEC CATEGORY: DEPRECATED: WASC-38 - URL Redirector Abuse
Category ID: 371
Status: Deprecated
Summary
This category is related to the WASC Threat Classification 2.0 item URL Redirector Abuse
Notes
Relationship
It should be noted that the member relation to
CAPEC-194 is not as clean as could be.
CAPEC-194 would ideally have another child (other than
CAPEC-543 : Counterfeit Websites) that is specific to URL Redirection. Unlike
CAPEC-543 , URL Redirection does not require a counterfeit website, but rather the user to simply click a link. With that said, we have created this relationship to
CAPEC-194 due to the related weakness (
CWE-601 ), which specifically deals with URL Redirection, and will revist this at a later date.
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2017-08-04 CAPEC Content Team The MITRE Corporation Updated Relationship_Notes, Relationships 2020-12-17 CAPEC Content Team The MITRE Corporation Updated @Name, @Status, References, Relationships Previous Entry Names Change Date Previous Entry Name 2020-12-17 WASC-38 - URL Redirector Abuse
CAPEC CATEGORY: DEPRECATED: WASC-39 - XPath Injection
Category ID: 372
Status: Deprecated
Summary
This category is related to the WASC Threat Classification 2.0 item XPath Injection
Membership
Nature Type ID Name HasMember Detailed Attack Pattern - A detailed level attack pattern in CAPEC provides a low level of detail, typically leveraging a specific technique and targeting a specific technology, and expresses a complete execution flow. Detailed attack patterns are more specific than meta attack patterns and standard attack patterns and often require a specific protection mechanism to mitigate actual attacks. A detailed level attack pattern often will leverage a number of different standard level attack patterns chained together to accomplish a goal. 83 XPath Injection
References
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2020-12-17 CAPEC Content Team The MITRE Corporation Updated @Name, @Status Previous Entry Names Change Date Previous Entry Name 2020-12-17 WASC-39 - XPath Injection
CAPEC CATEGORY: DEPRECATED: WASC-41 - XML Attribute Blowup
Category ID: 374
Status: Deprecated
Summary
This category is related to the WASC Threat Classification 2.0 item XML Attribute Blowup
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2017-08-04 CAPEC Content Team The MITRE Corporation Updated Relationships 2020-12-17 CAPEC Content Team The MITRE Corporation Updated @Name, @Status, References, Relationships Previous Entry Names Change Date Previous Entry Name 2020-12-17 WASC-41 - XML Attribute Blowup
CAPEC CATEGORY: DEPRECATED: WASC-42 - Abuse of Functionality
Category ID: 375
Status: Deprecated
Summary
This category is related to the WASC Threat Classification 2.0 item Abuse of Functionality
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2017-08-04 CAPEC Content Team The MITRE Corporation Updated Relationships 2020-12-17 CAPEC Content Team The MITRE Corporation Updated @Name, @Status, References, Relationships Previous Entry Names Change Date Previous Entry Name 2020-12-17 WASC-42 - Abuse of Functionality
CAPEC CATEGORY: DEPRECATED: WASC-43 - XML External Entities
Category ID: 376
Status: Deprecated
Summary
This category is related to the WASC Threat Classification 2.0 item XML External Entities
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2017-08-04 CAPEC Content Team The MITRE Corporation Updated Relationships 2020-12-17 CAPEC Content Team The MITRE Corporation Updated @Name, @Status, References, Relationships Previous Entry Names Change Date Previous Entry Name 2020-12-17 WASC-43 - XML External Entities
CAPEC CATEGORY: DEPRECATED: WASC-44 - XML Entity Expansion
Category ID: 377
Status: Deprecated
Summary
This category is related to the WASC Threat Classification 2.0 item XML Entity Expansion
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2017-08-04 CAPEC Content Team The MITRE Corporation Updated Relationships 2020-12-17 CAPEC Content Team The MITRE Corporation Updated @Name, @Status, References, Relationships Previous Entry Names Change Date Previous Entry Name 2020-12-17 WASC-44 - XML Entity Expansion
CAPEC CATEGORY: DEPRECATED: WASC-45 - Fingerprinting
Category ID: 378
Status: Deprecated
Summary
This category is related to the WASC Threat Classification 2.0 item Fingerprinting
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2017-01-09 CAPEC Content Team The MITRE Corporation Updated Relationships 2017-08-04 CAPEC Content Team The MITRE Corporation Updated Relationships 2020-12-17 CAPEC Content Team The MITRE Corporation Updated @Name, @Status, References, Relationships Previous Entry Names Change Date Previous Entry Name 2020-12-17 WASC-45 - Fingerprinting
CAPEC CATEGORY: DEPRECATED: WASC-46 - XQuery Injection
Category ID: 379
Status: Deprecated
Summary
This category is related to the WASC Threat Classification 2.0 item XQuery Injection
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2020-12-17 CAPEC Content Team The MITRE Corporation Updated @Name, @Status, References, Relationships Previous Entry Names Change Date Previous Entry Name 2020-12-17 WASC-46 - XQuery Injection
CAPEC-484: DEPRECATED: XML Client-Side Attack
Attack Pattern ID: 484
Status: Deprecated
Description
This attack pattern has been deprecated as it a generalization of
CAPEC-230 : XML Nested Payloads and
CAPEC-231 : XML Oversized Payloads. Please refer to these CAPECs going forward.
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2018-07-31 CAPEC Content Team The MITRE Corporation Updated References 2019-04-04 CAPEC Content Team The MITRE Corporation Updated Related_Weaknesses 2019-09-30 CAPEC Content Team The MITRE Corporation Updated @Name, @Status, Consequences, Description, Example_Instances, Execution_Flow, Indicators, Likelihood_Of_Attack, Mitigations, Prerequisites, References, Related_Attack_Patterns, Related_Weaknesses, Skills_Required Previous Entry Names Change Date Previous Entry Name 2019-09-30 XML Client-Side Attack
CAPEC-99: DEPRECATED: XML Parser Attack
Attack Pattern ID: 99
Status: Deprecated
Description
This attack pattern has been deprecated as it a generalization of
CAPEC-230 : XML Nested Payloads and
CAPEC-231 : XML Oversized Payloads. Please refer to these CAPECs going forward.
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2019-09-30 CAPEC Content Team The MITRE Corporation Updated @Name, @Status, Consequences, Description, Example_Instances, Execution_Flow, Indicators, Likelihood_Of_Attack, Mitigations, Prerequisites, References, Related_Attack_Patterns, Related_Weaknesses, Skills_Required, Typical_Severity Previous Entry Names Change Date Previous Entry Name 2019-09-30 XML Parser Attack
CAPEC-91: DEPRECATED: XSS in IMG Tags
Attack Pattern ID: 91
Status: Deprecated
Description
This attack pattern has been deprecated as it is contained in the existing attack pattern "
CAPEC-18 : XSS Targeting Non-Script Elements". Please refer to this other CAPEC going forward.
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2017-05-01 CAPEC Content Team The MITRE Corporation Updated Activation_Zone, Architectural_Paradigms, Attack_Motivation-Consequences, Attack_Phases, Attack_Prerequisites, Attacker_Skills_or_Knowledge_Required, CIA_Impact, Description, Description Summary, Examples-Instances, Frameworks, Injection_Vector, Languages, Methods_of_Attack, Payload, Payload_Activation_Impact, Platforms, Purposes, Related_Attack_Patterns, Related_Guidelines, Related_Security_Principles, Related_Vulnerabilities, Related_Weaknesses, Resources_Required, Solutions_and_Mitigations, Technical_Context, Typical_Likelihood_of_Exploit, Typical_Severity 2018-07-31 CAPEC Content Team The MITRE Corporation Updated Description Summary Previous Entry Names Change Date Previous Entry Name 2017-05-01 XSS in IMG Tags
CAPEC-106: DEPRECATED: XSS through Log Files
Attack Pattern ID: 106
Status: Deprecated
Description
This attack pattern has been deprecated as it referes to an existing chain relationship between "
CAPEC-93 : Log Injection-Tampering-Forging" and "
CAPEC-63 : Cross-Site Scripting". Please refer to these CAPECs going forward.
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2017-01-09 CAPEC Content Team The MITRE Corporation Updated Related_Attack_Patterns 2017-05-01 CAPEC Content Team The MITRE Corporation Updated Activation_Zone, Architectural_Paradigms, Attack_Motivation-Consequences, Attack_Phases, Attack_Prerequisites, Attacker_Skills_or_Knowledge_Required, CIA_Impact, Description, Description Summary, Examples-Instances, Frameworks, Injection_Vector, Languages, Methods_of_Attack, Payload, Payload_Activation_Impact, Platforms, Probing_Techniques, Purposes, Related_Attack_Patterns, Related_Security_Principles, Related_Weaknesses, Relevant_Security_Requirements, Resources_Required, Solutions_and_Mitigations, Technical_Context, Typical_Likelihood_of_Exploit, Typical_Severity Previous Entry Names Change Date Previous Entry Name 2017-05-01 Cross Site Scripting through Log Files
CAPEC-246: DEPRECATED: XSS Using Flash
Attack Pattern ID: 246
Status: Deprecated
Description
This pattern has been deprecated as it is covered by a chaining relationship between
CAPEC-174 : Flash Parameter Injection and
CAPEC-591 : Stored XSS. Please refer to these CAPECs going forward.
Content History
Submissions Submission Date Submitter Organization 2014-06-23 CAPEC Content Team The MITRE Corporation Modifications Modification Date Modifier Organization 2017-05-01 CAPEC Content Team The MITRE Corporation Updated Attack_Phases, Description, Description Summary, Related_Attack_Patterns, Related_Weaknesses Previous Entry Names Change Date Previous Entry Name 2017-05-01 Cross-Site Scripting Using Flash
More information is available — Please select a different filter.