CAPEC-176: Configuration/Environment Manipulation
ID
CAPEC-176
Typical Severity
Medium
Status
Draft
An attacker manipulates files or settings external to a target application which affect the behavior of that application. For example, many applications use external configuration files and libraries - modification of these entities or otherwise affecting the application's ability to use them would constitute a configuration/environment manipulation attack.
Weaknesses
| # ID | Name | Type |
|---|---|---|
| CWE-15 | External Control of System or Configuration Setting | weakness |
| CWE-1233 | Security-Sensitive Hardware Controls with Missing Lock Bit Protection | weakness |
| CWE-1234 | Hardware Internal or Debug Modes Allow Override of Locks | weakness |
| CWE-1304 | Improperly Preserved Integrity of Hardware Configuration State During a Power Save/Restore Operation | weakness |
| CWE-1328 | Security Version Number Mutable to Older Versions | weakness |
Taxonomiy Mapping
| Type | # ID | Name |
|---|---|---|
| OWASP Attacks | Setting Manipulation |