CAPEC 212 Functionality Misuse

Stable Meta Medium Risk

Severity Medium

Description

An adversary leverages a legitimate capability of an application in such a way as to achieve a negative technical impact. The system functionality is not altered or modified but used in a way that was not intended. This is often accomplished through the overuse of a specific functionality or by leveraging functionality with design flaws that enables the adversary to gain access to unauthorized, sensitive data.

CAPEC 212 Functionality Misuse

Description

Mitigations

Perform Comprehensive Threat Modeling, A Process Of Identifying, Evaluating, And Mitigating Potential Threats To The Application. This Effort Can Help Reveal Potentially Obscure Application Functionality That Can Be Manipulated For Malicious Purposes.

When Implementing Security Features, Consider How They Can Be Misused And Compromised.

Consequences

Security Scopes Affected

Potential Impacts

Relationships

Child CAPECs

Related CAPECs

CAPEC 212 Functionality Misuse

Description

Mitigations

Perform Comprehensive Threat Modeling, A Process Of Identifying, Evaluating, And Mitigating Potential Threats To The Application. This Effort Can Help Reveal Potentially Obscure Application Functionality That Can Be Manipulated For Malicious Purposes.

When Implementing Security Features, Consider How They Can Be Misused And Compromised.

Consequences

Security Scopes Affected

Potential Impacts

Relationships

Child CAPECs

Related CAPECs

Iscriviti alla newsletter