Standardlikelihood: Highseverity: HighDraft

CAPEC-141Cache Poisoning

Abstraction
Standard
Status
Draft
Likelihood
High
Severity
High

Description

An attacker exploits the functionality of cache technologies to cause specific data to be cached that aids the attackers' objectives. This describes any attack whereby an attacker places incorrect or harmful material in cache. The targeted cache can be an application's cache (e.g. a web browser cache) or a public cache (e.g. a DNS or ARP cache). Until the cache is refreshed, most applications or clients will treat the corrupted cache value as valid. This can lead to a wide range of exploits including redirecting web browsers towards sites that install malware and repeatedly incorrect calculations based on the incorrect value.

Related weaknesses· 4

CWE-348CWE-345CWE-349CWE-346

MITRE ATT&CK crosswalk· 1

T1557.002: Adversary-in-the-Middle: ARP Cache Poisoning

Related attack patterns· 1

CAPEC-161 (ChildOf)

Exploits4

TypeTargetConfidenceTier
WeaknessAcceptance of Extraneous Untrusted Data With Trusted Datacwe-349100%live
WeaknessInsufficient Verification of Data Authenticitycwe-345100%live
WeaknessOrigin Validation Errorcwe-346100%live
WeaknessUse of Less Trusted Sourcecwe-348100%live

Related to1

TypeTargetConfidenceTier
SubTechniqueARP Cache Poisoningt1557.002100%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CAPEC
DNS Cache Poisoning
CAPEC
Schema Poisoning
CAPEC
Lifting Sensitive Data Embedded in Cache
CAPEC
XML Schema Poisoning
CAPEC
Poison Web Service Registry
CAPEC
Content Spoofing
Sourced from MITRE CAPEC. Curated by Adam Lundqvist, SQUR.