Standardlikelihood: Lowseverity: HighDraft

CAPEC-271Schema Poisoning

Abstraction
Standard
Status
Draft
Likelihood
Low
Severity
High

Description

An adversary corrupts or modifies the content of a schema for the purpose of undermining the security of the target. Schemas provide the structure and content definitions for resources used by an application. By replacing or modifying a schema, the adversary can affect how the application handles or interprets a resource, often leading to possible denial of service, entering into an unexpected state, or recording incomplete data.

Related weaknesses· 1

CWE-15

Related attack patterns· 2

CAPEC-176 (ChildOf)CAPEC-94 (CanFollow)

Exploits1

TypeTargetConfidenceTier
WeaknessExternal Control of System or Configuration Settingcwe-15100%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CAPEC
XML Schema Poisoning
CAPEC
Cache Poisoning
CAPEC
Poison Web Service Registry
CAPEC
Protocol Manipulation
CAPEC
Web Services Protocol Manipulation
CAPEC
Resource Injection
Sourced from MITRE CAPEC. Curated by Adam Lundqvist, SQUR.