CAPEC-439

Manipulation During Distribution
Draft
2014-06-23
00h00 +00:00
2021-06-24
00h00 +00:00
CAPEC Mitre.org
Alerte pour un CAPEC
Restez informé de toutes modifications pour un CAPEC spécifique.
Gestion des notifications

Descriptions du CAPEC

An attacker undermines the integrity of a product, software, or technology at some stage of the distribution channel. The core threat of modification or manipulation during distribution arise from the many stages of distribution, as a product may traverse multiple suppliers and integrators as the final asset is delivered. Components and services provided from a manufacturer to a supplier may be tampered with during integration or packaging.

Informations du CAPEC

Faiblesses connexes

CWE-ID Nom de la faiblesse

CWE-1269

 Product Released in Non-Release Configuration
The product released to market is released in pre-production or manufacturing configuration.

Références

REF-379

Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations (2nd Draft)
Jon Boyens, Angela Smith, Nadya Bartol, Kris Winkler, Alex Holbrook, Matthew Fallon.
https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-161r1-draft2.pdf

REF-384

The Software Supply Chain Integrity Framework Defining Risks and Responsibilities for Securing Software in the Global Supply Chain
SAFECode.

REF-382

Piloting Supply Chain Risk Management Practices for Federal Information Systems
Marianne Swanson, Nadya Bartol, Rama Moorthy.

Soumission

Nom Organisation Date Date de publication
CAPEC Content Team The MITRE Corporation 2014-06-23 +00:00

Modifications

Nom Organisation Date Commentaire
CAPEC Content Team The MITRE Corporation 2019-04-04 +00:00 Updated Taxonomy_Mappings
CAPEC Content Team The MITRE Corporation 2020-07-30 +00:00 Updated Related_Weaknesses, Taxonomy_Mappings
CAPEC Content Team The MITRE Corporation 2021-06-24 +00:00 Updated Taxonomy_Mappings