Metalikelihood: Highseverity: HighStable

CAPEC-560Use of Known Domain Credentials

Abstraction
Meta
Status
Stable
Likelihood
High
Severity
High

Description

Metadata: meta CAPEC pattern, status stable, likelihood high, severity high. Underlying weaknesses: CWE-522, CWE-307, CWE-308, CWE-309, CWE-262 (and 3 more). Mapped ATT&CK technique: [object Object]. Related CAPEC pattern: [object Object]. Metadata: meta CAPEC pattern, status stable, likelihood high, severity high. Underlying weaknesses: CWE-522, CWE-307, CWE-308, CWE-309, CWE-262 (and 3 more). Mapped ATT&CK technique: [object Object]. Related CAPEC pattern: [object Object].

Related weaknesses· 8

CWE-522CWE-307CWE-308CWE-309CWE-262CWE-263CWE-654CWE-1273

MITRE ATT&CK crosswalk· 1

T1078: Valid Accounts

Related attack patterns· 1

CAPEC-151 (CanPrecede)

Exploits8

TypeTargetConfidenceTier
WeaknessPassword Aging with Long Expirationcwe-263100%live
WeaknessDevice Unlock Credential Sharingcwe-1273100%live
WeaknessImproper Restriction of Excessive Authentication Attemptscwe-307100%live
WeaknessUse of Single-factor Authenticationcwe-308100%live
WeaknessInsufficiently Protected Credentialscwe-522100%live
WeaknessReliance on a Single Factor in a Security Decisioncwe-654100%live
WeaknessNot Using Password Agingcwe-262100%live
WeaknessUse of Password System for Primary Authenticationcwe-309100%live

Related to1

TypeTargetConfidenceTier
TechniqueValid Accountst1078100%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CAPEC
Use of Known Operating System Credentials
CAPEC
Use of Known Kerberos Credentials
CAPEC
Credential Stuffing
CAPEC
Exploitation of Trusted Identifiers
CAPEC
Windows Admin Shares with Stolen Credentials
CAPEC
Credential Prompt Impersonation
Sourced from MITRE CAPEC. Curated by Adam Lundqvist, SQUR.