CAPEC-144: Detect Unpublicized Web Services
ID
CAPEC-144
Typical Severity
Low
Status
Draft
An adversary searches a targeted web site for web services that have not been publicized. This attack can be especially dangerous since unpublished but available services may not have adequate security controls placed upon them given that an administrator may believe they are unreachable.
Weaknesses
# ID | Name | Type |
---|---|---|
CWE-425 | Direct Request ('Forced Browsing') | weakness |