
CAPEC-2: Inducing Account Lockout

Abstraction
Standard
Status
Draft
Likelihood
High
Severity
Medium

Description

An attacker leverages security functionality that is meant to thwart attacks in order to mount a denial of service against a legitimate user of the system. Many systems, for instance, implement a password-throttling mechanism that locks an account after a certain number of incorrect login attempts. Because the lockout is triggered by failed attempts against the account regardless of who makes them, an attacker who knows only the victim's username can deliberately fail the threshold number of logins and lock the legitimate user out of their own account. The weakness being leveraged is the very security feature that was put in place to counteract attacks (CWE-645, Overly Restrictive Account Lockout Mechanism).
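The following is an added, constructed example (not MITRE CAPEC's or SQUR's code) that contrasts the naive policy described above with one common hardening. `LockoutAuthenticator` counts failures per account and locks after a fixed threshold, so an attacker supplying wrong passwords for `alice` denies her access. `ThrottledAuthenticator` instead keys failures on the (account, source) pair and imposes a capped, growing delay rather than an indefinite lock. The user store, passwords, source addresses and the integer clock are all made up so the run is deterministic and offline.

```python
"""CAPEC-2 demonstration: abusing account lockout as a denial of service.

Constructed example; users, passwords, addresses and the clock are made up.
"""
from collections import defaultdict
from dataclasses import dataclass, field

# Constructed user store. A real system would hold salted password hashes.
USERS = {"alice": "correct horse battery staple"}

MAX_FAILURES = 5  # classic "lock after N wrong attempts" threshold


@dataclass
class LockoutAuthenticator:
    """Naive policy (CWE-645 behaviour): N failures against an account lock it
    for everyone. The counter is keyed on the account name alone, so anyone who
    can reach the login form can lock the owner out without knowing the password."""
    failures: dict = field(default_factory=lambda: defaultdict(int))
    locked: set = field(default_factory=set)

    def login(self, user: str, password: str) -> str:
        if user in self.locked:
            return "locked"
        if USERS.get(user) == password:
            self.failures[user] = 0
            return "ok"
        self.failures[user] += 1
        if self.failures[user] >= MAX_FAILURES:
            self.locked.add(user)
        return "bad_password"


@dataclass
class ThrottledAuthenticator:
    """Hardened policy: failures are tracked per (account, source) and the
    penalty is an exponentially growing but capped delay, never an indefinite
    lock. A source hammering alice's account slows only itself down; alice,
    logging in from her own address, is unaffected."""
    MAX_DELAY = 300  # seconds; cap so the penalty cannot be pushed without bound
    failures: dict = field(default_factory=lambda: defaultdict(int))
    retry_at: dict = field(default_factory=dict)  # (user, source) -> earliest allowed attempt
    now: int = 0  # constructed clock, in seconds

    def login(self, user: str, password: str, source: str) -> str:
        key = (user, source)
        if self.retry_at.get(key, 0) > self.now:
            return "throttled"
        if USERS.get(user) == password:
            # A correct password clears only this source's penalty.
            self.failures.pop(key, None)
            self.retry_at.pop(key, None)
            return "ok"
        self.failures[key] += 1
        delay = min(2 ** (self.failures[key] - 1), self.MAX_DELAY)  # 1, 2, 4, ... capped
        self.retry_at[key] = self.now + delay
        return "bad_password"


def attack_lockout() -> dict:
    """Attacker fails MAX_FAILURES logins for alice; alice is then denied even
    with the right password."""
    auth = LockoutAuthenticator()
    attacker = [auth.login("alice", f"guess{i}") for i in range(MAX_FAILURES)]
    victim = auth.login("alice", USERS["alice"])
    return {"attacker": attacker, "victim": victim}


def attack_throttled() -> dict:
    """Same attacker behaviour against the throttled policy, one attempt per
    second from a single address. Alice from another address logs in at once;
    a user sharing the attacker's address (e.g. behind the same NAT) is delayed
    at most MAX_DELAY seconds, not locked."""
    auth = ThrottledAuthenticator()
    attacker = []
    for i in range(MAX_FAILURES):
        attacker.append(auth.login("alice", f"guess{i}", source="203.0.113.7"))
        auth.now += 1
    victim_other_source = auth.login("alice", USERS["alice"], source="198.51.100.20")
    auth.now += ThrottledAuthenticator.MAX_DELAY
    victim_shared_source = auth.login("alice", USERS["alice"], source="203.0.113.7")
    return {
        "attacker": attacker,
        "victim_other_source": victim_other_source,
        "victim_shared_source": victim_shared_source,
    }


if __name__ == "__main__":
    print("lockout policy:  ", attack_lockout())
    print("throttled policy:", attack_throttled())
```

Running it shows the lockout policy returning `locked` for the legitimate user after five attacker failures, while the throttled policy lets her in immediately from her own address and, in the worst case of a shared address, after a bounded wait. Per-source throttling is one mitigation among several (step-up challenges and owner notification are others); the point of the contrast is that the penalty should fall on the party generating the failures, not on the account.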

Related weaknesses (1)

CWE-645: Overly Restrictive Account Lockout Mechanism

MITRE ATT&CK crosswalk (1)

T1531: Account Access Removal

Related attack patterns (1)

CAPEC-212 (ChildOf)

Exploits (1)

Type       Target                                                   Confidence  Tier
Weakness   Overly Restrictive Account Lockout Mechanism (CWE-645)   100%        live

Related to (1)

Type       Target                                                   Confidence  Tier
Technique  Account Access Removal (T1531)                           100%        live

Related by meaning (6)

Nearest entities by semantic similarity across the cs-graph corpus.

CAPEC: Authentication Abuse
CWE: Overly Restrictive Account Lockout Mechanism
CAPEC: Password Brute Forcing
CAPEC: Brute Force
CAPEC: Session Credential Falsification through Manipulation
CAPEC: Exploiting Incorrectly Configured Access Control Security Levels
Sourced from MITRE CAPEC. Curated by Adam Lundqvist, SQUR.