CAPEC-510: SaaS User Request Forgery

Abstraction
Standard
Status
Draft
Likelihood
High
Severity
Medium

Description

An adversary, through a previously installed malicious application, performs malicious actions against a third-party Software as a Service (SaaS) application (also known as a cloud-based application) by leveraging the persistent and implicit trust placed in a trusted user's session. This attack is executed after a trusted user is authenticated into a cloud service, "piggy-backing" on the authenticated session and exploiting the fact that the cloud service believes it is only interacting with the trusted user. If successful, the actions embedded in the malicious application will be processed and accepted by the targeted SaaS application and executed at the trusted user's privilege level.

Related weaknesses (1)

CWE-346

Related attack patterns (1)

CAPEC-21 (ChildOf)

Exploits (1)

Type      Target                              Confidence  Tier
Weakness  Origin Validation Error (CWE-346)   100%        live

Related by meaning (6)

Nearest entities by semantic similarity across the cs-graph corpus.

CAPEC: Session Credential Falsification through Forging
CAPEC: Cross Site Request Forgery
CAPEC: Session Credential Falsification through Manipulation
CAPEC: Authentication Abuse
CAPEC: Token Impersonation
CAPEC: Session Fixation

Sourced from MITRE CAPEC. Curated by Adam Lundqvist, SQUR.