Metaseverity: MediumDraft

CAPEC-176Configuration/Environment Manipulation

Abstraction
Meta
Status
Draft
Severity
Medium

Description

An attacker manipulates files or settings external to a target application which affect the behavior of that application. For example, many applications use external configuration files and libraries - modification of these entities or otherwise affecting the application's ability to use them would constitute a configuration/environment manipulation attack.

Related weaknesses· 5

CWE-15CWE-1233CWE-1234CWE-1304CWE-1328

Exploits5

TypeTargetConfidenceTier
WeaknessExternal Control of System or Configuration Settingcwe-15100%live
WeaknessImproperly Preserved Integrity of Hardware Configuration State During a Power Save/Restore Operationcwe-1304100%live
WeaknessHardware Internal or Debug Modes Allow Override of Lockscwe-1234100%live
WeaknessSecurity Version Number Mutable to Older Versionscwe-1328100%live
WeaknessSecurity-Sensitive Hardware Controls with Missing Lock Bit Protectioncwe-1233100%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CAPEC
File Manipulation
CAPEC
Leveraging/Manipulating Configuration File Search Paths
CAPEC
Subverting Environment Variable Values
CAPEC
Code Injection
CAPEC
Protocol Manipulation
CAPEC
Manipulating Writeable Configuration Files
Sourced from MITRE CAPEC. Curated by Adam Lundqvist, SQUR.