Detailedseverity: LowStable

CAPEC-290Enumerate Mail Exchange (MX) Records

Abstraction
Detailed
Status
Stable
Severity
Low

Description

An adversary enumerates the MX records for a given via a DNS query. This type of information gathering returns the names of mail servers on the network. Mail servers are often not exposed to the Internet but are located within the DMZ of a network protected by a firewall. A side effect of this configuration is that enumerating the MX records for an organization my reveal the IP address of the firewall or possibly other internal systems. Attackers often resort to MX record enumeration when a DNS Zone Transfer is not possible.

Related weaknesses· 1

CWE-200

Related attack patterns· 1

CAPEC-309 (ChildOf)

Exploits1

TypeTargetConfidenceTier
WeaknessExposure of Sensitive Information to an Unauthorized Actorcwe-200100%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CAPEC
DNS Zone Transfers
CAPEC
IMAP/SMTP Command Injection
CAPEC
Traceroute Route Enumeration
CAPEC
DNS Rebinding
CAPEC
DNS Blocking
CAPEC
DNS Spoofing
Sourced from MITRE CAPEC. Curated by Adam Lundqvist, SQUR.