test_scratch
/
cti-ATT-CK-v13.1
/capec
/2.0
/attack-pattern
/attack-pattern--12de9227-495b-49b2-859f-334a20197ba3.json
{ | |
"id": "bundle--bd4bd57c-622a-4776-8dee-6cf204fcd9de", | |
"objects": [ | |
{ | |
"created": "2014-06-23T00:00:00.000Z", | |
"created_by_ref": "identity--e50ab59c-5c4f-4d40-bf6a-d58418d89bcd", | |
"description": "An adversary exploits weaknesses in input validation by manipulating resource identifiers enabling the unintended modification or specification of a resource.", | |
"external_references": [ | |
{ | |
"external_id": "CAPEC-240", | |
"source_name": "capec", | |
"url": "https://capec.mitre.org/data/definitions/240.html" | |
}, | |
{ | |
"external_id": "CWE-99", | |
"source_name": "cwe", | |
"url": "http://cwe.mitre.org/data/definitions/99.html" | |
}, | |
{ | |
"description": "Resource Injection", | |
"source_name": "OWASP Attacks", | |
"url": "https://owasp.org/www-community/attacks/Resource_Injection" | |
} | |
], | |
"id": "attack-pattern--12de9227-495b-49b2-859f-334a20197ba3", | |
"modified": "2020-12-17T00:00:00.000Z", | |
"name": "Resource Injection", | |
"object_marking_refs": [ | |
"marking-definition--17d82bb2-eeeb-4898-bda5-3ddbcd2b799d" | |
], | |
"type": "attack-pattern", | |
"x_capec_abstraction": "Meta", | |
"x_capec_consequences": { | |
"Confidentiality": [ | |
"Read Data" | |
], | |
"Integrity": [ | |
"Modify Data" | |
] | |
}, | |
"x_capec_domains": [ | |
"Communications", | |
"Software" | |
], | |
"x_capec_likelihood_of_attack": "High", | |
"x_capec_parent_of_refs": [ | |
"attack-pattern--b5cd5231-d7ef-4366-b713-a44d3f1134b4" | |
], | |
"x_capec_prerequisites": [ | |
"The target application allows the user to both specify the identifier used to access a system resource. Through this permission, the user gains the capability to perform actions on that resource (e.g., overwrite the file)" | |
], | |
"x_capec_status": "Stable", | |
"x_capec_typical_severity": "High", | |
"x_capec_version": "3.9" | |
} | |
], | |
"spec_version": "2.0", | |
"type": "bundle" | |
} |