CAPEC-225
Alerte pour un CAPEC
Restez informé de toutes modifications pour un CAPEC spécifique.
Nom: Subvert Access Control
An attacker actively targets exploitation of weaknesses, limitations and assumptions in the mechanisms a target utilizes to manage identity and authentication as well as manage access to its resources or authorize functionality. Such exploitation can lead to the complete subversion of any trust the target system may have in the identity of any entity with which it interacts, or the complete subversion of any control the target has over its data or functionality. Weaknesses targeted by subversion of authorization controls are often due to three primary factors: 1) a fundamental dependence on authentication mechanisms being effective; 2) a lack of effective control over the separation of privilege between various entities; and 3) assumptions and over confidence in the strength or rigor of the implemented authorization mechanisms.
Liste des Membres CAPEC
Informations sur le CAPEC
Soumission
| Nom | Organisation | Date | Date de publication |
|---|---|---|---|
| CAPEC Content Team | The MITRE Corporation |
Modifications
| Nom | Organisation | Date | Commentaire |
|---|---|---|---|
| CAPEC Content Team | The MITRE Corporation | Updated Relationships | |
| CAPEC Content Team | The MITRE Corporation | Updated Description, Relationships | |
| CAPEC Content Team | The MITRE Corporation | Updated Description | |
| CAPEC Content Team | The MITRE Corporation | Updated Relationships | |
| CAPEC Content Team | The MITRE Corporation | Updated Relationships |
2025©
tesweb SA
