CAPEC-141: Cache Poisoning
ID
CAPEC-141
Typical Severity
High
Likelihood Of Attack
High
Status
Draft
An attacker exploits the functionality of cache technologies to cause specific data to be cached that aids the attackers' objectives. This describes any attack whereby an attacker places incorrect or harmful material in cache. The targeted cache can be an application's cache (e.g. a web browser cache) or a public cache (e.g. a DNS or ARP cache). Until the cache is refreshed, most applications or clients will treat the corrupted cache value as valid. This can lead to a wide range of exploits including redirecting web browsers towards sites that install malware and repeatedly incorrect calculations based on the incorrect value.
Weaknesses
Taxonomiy Mapping
Type | # ID | Name |
---|---|---|
ATTACK | 1557.002 | Adversary-in-the-Middle: ARP Cache Poisoning |
OWASP Attacks | Cache Poisoning |