CAPEC 690 Metadata Spoofing

Name: VulnX Platform
Author: Studio Consi

Stable Meta Medium Risk

Severity High

Description

{'xhtml:p': 'An adversary alters the metadata of a resource (e.g., file, directory, repository, etc.) to present a malicious resource as legitimate/credible.'}

CAPEC 690 Metadata Spoofing

Description

Mitigations

Confirm The Pedigree Of Open Source Packages And Ensure The Code Being Downloaded Does Not Originate From Another Source.

Even If The Metadata Is Properly Checked And A User Believes It To Be Legitimate, There May Still Be A Chance That They'Ve Been Duped. Therefore, Leverage Automated Testing Techniques To Determine Where Malicious Areas Of The Code May Exist.

Validate Metadata Of Resources Such As Authors, Timestamps, And Statistics.

Consequences

Security Scopes Affected

Potential Impacts

Relationships

Child CAPECs

CAPEC 690 Metadata Spoofing

Description

Mitigations

Confirm The Pedigree Of Open Source Packages And Ensure The Code Being Downloaded Does Not Originate From Another Source.

Even If The Metadata Is Properly Checked And A User Believes It To Be Legitimate, There May Still Be A Chance That They'Ve Been Duped. Therefore, Leverage Automated Testing Techniques To Determine Where Malicious Areas Of The Code May Exist.

Validate Metadata Of Resources Such As Authors, Timestamps, And Statistics.

Consequences

Security Scopes Affected

Potential Impacts

Relationships

Child CAPECs

Iscriviti alla newsletter