CAPEC-439
Manipulation During Distribution
Draft
2014-06-23
00h00 +00:00
00h00 +00:00
2021-06-24
00h00 +00:00
00h00 +00:00
Alerte pour un CAPEC
Stay informed of any changes for a specific CAPEC.
Descriptions CAPEC
An attacker undermines the integrity of a product, software, or technology at some stage of the distribution channel. The core threat of modification or manipulation during distribution arise from the many stages of distribution, as a product may traverse multiple suppliers and integrators as the final asset is delivered. Components and services provided from a manufacturer to a supplier may be tampered with during integration or packaging.
Informations CAPEC
Related Weaknesses
| Weakness Name | |
|---|---|
CWE-1269 |
Product Released in Non-Release Configuration The product released to market is released in pre-production or manufacturing configuration. |
References
REF-379
Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations (2nd Draft)Jon Boyens, Angela Smith, Nadya Bartol, Kris Winkler, Alex Holbrook, Matthew Fallon.
https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-161r1-draft2.pdf
REF-384
The Software Supply Chain Integrity Framework Defining Risks and Responsibilities for Securing Software in the Global Supply ChainSAFECode.
REF-382
Piloting Supply Chain Risk Management Practices for Federal Information SystemsMarianne Swanson, Nadya Bartol, Rama Moorthy.
Submission
| Name | Organization | Date | Date release |
|---|---|---|---|
| CAPEC Content Team | The MITRE Corporation |
Modifications
| Name | Organization | Date | Comment |
|---|---|---|---|
| CAPEC Content Team | The MITRE Corporation | Updated Taxonomy_Mappings | |
| CAPEC Content Team | The MITRE Corporation | Updated Related_Weaknesses, Taxonomy_Mappings | |
| CAPEC Content Team | The MITRE Corporation | Updated Taxonomy_Mappings |
2025©
tesweb SA
