CAPEC-639: Probe System Files

Abstraction: Detailed
Status: Stable
Severity: Medium

Description

An adversary obtains unauthorized information due to improperly protected files. If an application stores sensitive information in a file that is not protected by proper access control, then an adversary can access the file and search for sensitive information. Metadata: detailed CAPEC pattern, status stable, severity medium. Underlying weakness: CWE-552. Mapped ATT&CK techniques: T1039, T1552.001, T1552.003, T1552.004, T1552.006. Related CAPEC pattern: CAPEC-545.

Related weaknesses · 1

CWE-552

MITRE ATT&CK crosswalk · 5

T1039: Data from Network Shared Drive
T1552.001: Unsecured Credentials: Credentials in Files
T1552.003: Unsecured Credentials: Bash History
T1552.004: Unsecured Credentials: Private Keys
T1552.006: Unsecured Credentials: Group Policy Preferences

Related attack patterns · 1

CAPEC-545 (ChildOf)

Exploits · 1

Type | Target | Confidence | Tier
Weakness | Files or Directories Accessible to External Parties (cwe-552) | 100% | live

Related to · 5

Type | Target | Confidence | Tier
Technique | Data from Network Shared Drive (t1039) | 100% | live
SubTechnique | Credentials In Files (t1552.001) | 100% | live
SubTechnique | Bash History (t1552.003) | 100% | live
SubTechnique | Private Keys (t1552.004) | 100% | live
SubTechnique | Group Policy Preferences (t1552.006) | 100% | live

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

CAPEC: File Discovery
CAPEC: Retrieve Embedded Sensitive Data
CAPEC: Pull Data from System Resources
CAPEC: System Location Discovery
CAPEC: Screen Temporary Files for Sensitive Information
CAPEC: Modify Shared File

Sourced from MITRE CAPEC. Curated by Adam Lundqvist, SQUR.