CAPEC 224 Fingerprinting

Stable Meta High Risk

Severity Very Low

Description

An adversary compares output from a target system to known indicators that uniquely identify specific details about the target. Most commonly, fingerprinting is done to determine operating system and application versions. Fingerprinting can be done passively as well as actively. Fingerprinting by itself is not usually detrimental to the target. However, the information gathered through fingerprinting often enables an adversary to discover existing weaknesses in the target.

CAPEC 224 Fingerprinting

Description

Mitigations

While Some Information Is Shared By Systems Automatically Based On Standards And Protocols, Remove Potentially Sensitive Information That Is Not Necessary For The Application'S Functionality As Much As Possible.

Consequences

Security Scopes Affected

Potential Impacts

Relationships

Child CAPECs

Resources Required

CAPEC 224 Fingerprinting

Description

Mitigations

While Some Information Is Shared By Systems Automatically Based On Standards And Protocols, Remove Potentially Sensitive Information That Is Not Necessary For The Application'S Functionality As Much As Possible.

Consequences

Security Scopes Affected

Potential Impacts

Relationships

Child CAPECs

Resources Required

Iscriviti alla newsletter