CAPEC-639: Probe System Files
ID
CAPEC-639
Typical Severity
Medium
Status
Stable
An adversary obtains unauthorized information due to improperly protected files. If an application stores sensitive information in a file that is not protected by proper access control, then an adversary can access the file and search for sensitive information.
Weaknesses
# ID | Name | Type |
---|---|---|
CWE-552 | Files or Directories Accessible to External Parties | weakness |
Taxonomiy Mapping
Type | # ID | Name |
---|---|---|
ATTACK | 1039 | Data from Network Shared Drive |
ATTACK | 1552.001 | Unsecured Credentials: Credentials in Files |
ATTACK | 1552.003 | Unsecured Credentials: Bash History |
ATTACK | 1552.004 | Unsecured Credentials: Private Keys |
ATTACK | 1552.006 | Unsecured Credentials: Group Policy Preferences |