Configuration/Environment manipulation |
Attack Pattern ID: 176 (Standard Attack Pattern Completeness: Stub) | Typical Severity: Medium | Status: Draft |
Configuration/Environment manipulation |
Attack Pattern ID: 176 (Standard Attack Pattern Completeness: Stub) | Typical Severity: Medium | Status: Draft |
Summary
An attacker manipulates files or settings external to a target application which affect the behavior of that application. For example, many applications use external configuration files and libraries - modification of these entities or otherwise affecting the application's ability to use them would constitute a configuration/environment manipulation attack.
The target application must consult external files or configuration controls to control its execution. All but the very simplest applications meet this requirement.
The attacker must have the access necessary to affect the files or other environment items the targeted application uses for its operations.
Nature | Type | ID | Name | Description | View(s) this relationship pertains to |
---|---|---|---|---|---|
ChildOf | Category | 262 | Resource Manipulation | Mechanism of Attack (primary)1000 | |
ParentOf | Attack Pattern | 75 | Manipulating Writeable Configuration Files | Mechanism of Attack (primary)1000 | |
ParentOf | Attack Pattern | 96 | Block Access to Libraries | Mechanism of Attack (primary)1000 | |
ParentOf | Attack Pattern | 159 | Redirect Access to Libraries | Mechanism of Attack (primary)1000 | |
ParentOf | Attack Pattern | 203 | Manipulate Application Registry Values | Mechanism of Attack (primary)1000 |
Security-Database help your corporation foresee and avoid any security risks that may impact your IT infrastructure and business applications.
28 June 2016