Detailedlikelihood: Highseverity: HighDraft

CAPEC-93Log Injection-Tampering-Forging

Abstraction
Detailed
Status
Draft
Likelihood
High
Severity
High

Description

This attack targets the log files of the target host. The attacker injects, manipulates or forges malicious log entries in the log file, allowing them to mislead a log audit, cover traces of attack, or perform other malicious actions. The target host is not properly controlling log access. As a result tainted data is resulting in the log files leading to a failure in accountability, non-repudiation and incident forensics capability.

Related weaknesses· 3

CWE-117CWE-75CWE-150

Related attack patterns· 2

CAPEC-268 (ChildOf)CAPEC-592 (CanPrecede)

Exploits3

TypeTargetConfidenceTier
WeaknessImproper Neutralization of Escape, Meta, or Control Sequencescwe-150100%live
WeaknessImproper Output Neutralization for Logscwe-117100%live
WeaknessFailure to Sanitize Special Elements into a Different Plane (Special Element Injection)cwe-75100%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CAPEC
Audit Log Manipulation
CAPEC
Web Server Logs Tampering
CAPEC
DEPRECATED: XSS through Log Files
CAPEC
Traffic Injection
CAPEC
Code Injection
CAPEC
String Format Overflow in syslog()
Sourced from MITRE CAPEC. Curated by Adam Lundqvist, SQUR.