CAPEC-154

Resource Location Spoofing
Moyen
Moyen
Stable
2014-06-23
00h00 +00:00
2023-01-24
00h00 +00:00
CAPEC Mitre.org
Alerte pour un CAPEC
Restez informé de toutes modifications pour un CAPEC spécifique.
Gestion des notifications

Descriptions du CAPEC

An adversary deceives an application or user and convinces them to request a resource from an unintended location. By spoofing the location, the adversary can cause an alternate resource to be used, often one that the adversary controls and can be used to help them achieve their malicious goals.

Informations du CAPEC

Conditions préalables

None. All applications rely on file paths and therefore, in theory, they or their resources could be affected by this type of attack.

Ressources nécessaires

None: No specialized resources are required to execute this type of attack.

Atténuations

Monitor network activity to detect any anomalous or unauthorized communication exchanges.

Faiblesses connexes

CWE-ID Nom de la faiblesse

CWE-451

 User Interface (UI) Misrepresentation of Critical Information
The user interface (UI) does not properly represent critical information to the user, allowing the information - or its source - to be obscured or spoofed. This is often a component in phishing attacks.

Soumission

Nom Organisation Date Date de publication
CAPEC Content Team The MITRE Corporation 2014-06-23 +00:00

Modifications

Nom Organisation Date Commentaire
CAPEC Content Team The MITRE Corporation 2015-11-09 +00:00 Updated Description Summary
CAPEC Content Team The MITRE Corporation 2017-05-01 +00:00 Updated Attack_Motivation-Consequences, Attack_Prerequisites, Solutions_and_Mitigations, Typical_Likelihood_of_Exploit
CAPEC Content Team The MITRE Corporation 2017-08-04 +00:00 Updated Description Summary, Resources_Required
CAPEC Content Team The MITRE Corporation 2023-01-24 +00:00 Updated Related_Weaknesses