CAPEC-639 Detail

Probe System Files

Detailed Software Typical Severity: Medium

Parents: 545

Threats: T258 T291 T302

Description

An adversary obtains unauthorized information due to improperly protected files. If an application stores sensitive information in a file that is not protected by proper access control, then an adversary can access the file and search for sensitive information.


| External ID | Source | Link | Description |
|---|---|---|---|
| CAPEC-639 | capec | https://capec.mitre.org/data/definitions/639.html | |
| CWE-552 | cwe | http://cwe.mitre.org/data/definitions/552.html | |
| T1039 | ATTACK | https://attack.mitre.org/wiki/Technique/T1039 | Data from Network Shared Drive |
| T1552.001 | ATTACK | https://attack.mitre.org/wiki/Technique/T1552/001 | Unsecured Credentials: Credentials in Files |
| T1552.003 | ATTACK | https://attack.mitre.org/wiki/Technique/T1552/003 | Unsecured Credentials: Bash History |
| T1552.004 | ATTACK | https://attack.mitre.org/wiki/Technique/T1552/004 | Unsecured Credentials: Private Keys |
| T1552.006 | ATTACK | https://attack.mitre.org/wiki/Technique/T1552/006 | Unsecured Credentials: Group Policy Preferences |


  1. An adversary has access to the file system of a system.


Confidentiality
Read Data
  1. Adversaries may search local file systems and remote file shares for files containing passwords. These can be files created by users to store their own credentials, shared credential stores for a group of individuals, configuration files containing passwords for a system or service, or source code/binary files containing embedded passwords.
  2. Adversaries may search network shares on computers they have compromised to find files of interest.
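
A defender can audit for the condition in the description (sensitive files without proper access control) by checking permission bits on the file categories listed in the mapping table. The following is an added example, not part of the CAPEC entry; the file-name list, the key marker and the sample tree are assumptions, and it covers POSIX mode bits only (not ACLs or Windows shares).

```python
import os
import stat
import tempfile

# Assumed name list, chosen to match the mapped categories (shell history, private keys, credential files).
SENSITIVE_NAMES = {".bash_history", "id_rsa", "id_ed25519", ".netrc"}
KEY_MARKER = b"PRIVATE KEY-----"  # tail of a PEM/OpenSSH private key header

def is_sensitive(path):
    """True if the file name or its first 4 KiB suggests stored credentials."""
    if os.path.basename(path) in SENSITIVE_NAMES:
        return True
    try:
        with open(path, "rb") as fh:
            return KEY_MARKER in fh.read(4096)
    except OSError:
        return False  # unreadable to the auditor: cannot classify by content

def audit(root):
    """Return sorted (relative path, octal mode) for sensitive files readable by group or others."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)
            if not stat.S_ISREG(st.st_mode):
                continue  # skip symlinks, sockets and devices
            exposed = st.st_mode & (stat.S_IRGRP | stat.S_IROTH)
            if exposed and is_sensitive(path):
                findings.append((os.path.relpath(path, root), oct(st.st_mode & 0o777)))
    return sorted(findings)

def build_sample_tree(root):
    """Constructed sample data: four files with different modes."""
    samples = {
        ".bash_history": (b"mysql -u app -pEXAMPLE\n", 0o644),
        "deploy.pem": (b"-----BEGIN PRIVATE KEY-----\nCONSTRUCTED\n", 0o640),
        "id_rsa": (b"-----BEGIN OPENSSH PRIVATE KEY-----\nCONSTRUCTED\n", 0o600),
        "notes.txt": (b"nothing secret\n", 0o644),
    }
    for name, (data, mode) in samples.items():
        path = os.path.join(root, name)
        with open(path, "wb") as fh:
            fh.write(data)
        os.chmod(path, mode)  # explicit chmod so the umask does not alter the sample

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        for rel, mode in audit(tmp):
            print(mode, rel)
```

Each finding is a file to restrict to its owner (mode 0600) or to move into a managed secret store.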