Detailedlikelihood: Mediumseverity: HighDraft

CAPEC-81Web Server Logs Tampering

Abstraction
Detailed
Status
Draft
Likelihood
Medium
Severity
High

Description

Web Logs Tampering attacks involve an attacker injecting, deleting or otherwise tampering with the contents of web logs typically for the purposes of masking other malicious behavior. Additionally, writing malicious data to log files may target jobs, filters, reports, and other agents that process the logs in an asynchronous attack pattern. This pattern of attack is similar to "Log Injection-Tampering-Forging" except that in this case, the attack is targeting the logs of the web server and not the application.

Related weaknesses· 10

CWE-117CWE-93CWE-75CWE-221CWE-96CWE-20CWE-150CWE-276CWE-279CWE-116

Related attack patterns· 1

CAPEC-268 (ChildOf)

Exploits10

TypeTargetConfidenceTier
WeaknessImproper Output Neutralization for Logscwe-117100%live
WeaknessImproper Neutralization of Escape, Meta, or Control Sequencescwe-150100%live
WeaknessIncorrect Execution-Assigned Permissionscwe-279100%live
WeaknessImproper Neutralization of CRLF Sequences ('CRLF Injection')cwe-93100%live
WeaknessInformation Loss or Omissioncwe-221100%live
WeaknessImproper Neutralization of Directives in Statically Saved Code ('Static Code Injection')cwe-96100%live
WeaknessImproper Encoding or Escaping of Outputcwe-116100%live
WeaknessIncorrect Default Permissionscwe-276100%live
WeaknessFailure to Sanitize Special Elements into a Different Plane (Special Element Injection)cwe-75100%live
WeaknessImproper Input Validationcwe-20100%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CAPEC
Log Injection-Tampering-Forging
CAPEC
Audit Log Manipulation
CAPEC
Web Services Protocol Manipulation
CAPEC
DEPRECATED: XSS through Log Files
CAPEC
HTTP Verb Tampering
CAPEC
File Manipulation
Sourced from MITRE CAPEC. Curated by Adam Lundqvist, SQUR.