CAPEC-180: Exploiting Incorrectly Configured Access Control Security Levels

Abstraction: Standard  Status: Draft  Severity: Medium  Likelihood of Attack: High

CAPEC Version: 3.9

Updated: 2023-01-24

Attack Pattern Description

An attacker exploits a weakness in the configuration of access controls and is able to bypass the intended protection that these measures guard against, thereby obtaining unauthorized access to the system or network. Sensitive functionality should always be protected with access controls. However, configuring all but the most trivial access control systems can be very complicated, and there are many opportunities for mistakes. If an attacker can learn of incorrectly configured access security settings, they may be able to exploit this in an attack.

Execution Flow

Step 1: Explore

[Survey] The attacker surveys the target application, possibly as a valid and authenticated user.

Techniques:
  • Spider the web site for all available links.
  • Brute force to guess all function names/actions with different privileges.

Step 2: Experiment

[Identify weak points in access control configurations] The attacker probes the access control for functions and data identified in the Explore phase to identify potential weaknesses in how the access controls are configured.

Techniques:
  • The attacker attempts authenticated access to targeted functions and data.
  • The attacker attempts unauthenticated access to targeted functions and data.
  • The attacker attempts indirect and side channel access to targeted functions and data.

Step 3: Exploit

[Access the function or data bypassing the access control] The attacker executes the function or accesses the data identified in the Explore phase, bypassing the access control.

Techniques:
  • The attacker executes the function or accesses the data not authorized to them.

Prerequisites

  • The target must apply access controls, but incorrectly configure them. However, not all incorrect configurations can be exploited by an attacker. If the incorrect configuration applies too little security to some functionality, then the attacker may be able to exploit it if the access control would be the only thing preventing an attacker's access and it no longer does so. If the incorrect configuration applies too much security, it must prevent legitimate activity and the attacker must be able to force others to require this activity.

Skills Required

Low: In order to discover unrestricted resources, the attacker does not need special tools or skills. They only have to observe the resources or access mechanisms invoked as each action is performed and then try to access those access mechanisms directly.

Resources Required

  • None: No specialized resources are required to execute this type of attack.

Consequences

Scope: Integrity

Technical Impact: Modify Data

Scope: Confidentiality

Technical Impact: Read Data

Scope: Authorization

Technical Impact: Execute Unauthorized Commands

Note: Run Arbitrary Code

Scope: Authorization

Technical Impact: Gain Privileges

Scope: Access Control, Authorization

Technical Impact: Bypass Protection Mechanism

Scope: Availability

Technical Impact: Unreliable Execution

Mitigations

Design: Configure the access control correctly.
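The mitigation above is one sentence, so here is an added, self-contained illustration of what "configured correctly" means in practice. It is not part of the CAPEC entry; the routes, roles and policies are constructed for the example. It contrasts an allow-by-default policy that silently leaves an unlisted endpoint open (the "too little security" case from the prerequisites) with a deny-by-default policy, and includes an audit that flags routes with no rule, rules for routes that no longer exist, and rules that admit no role at all (the "too much security" case).

```python
"""Deny-by-default route authorization with a configuration audit.

Added example illustrating the CAPEC-180 mitigation; not part of the entry.
All routes, roles and policies below are constructed for illustration.
"""
from dataclasses import dataclass
from typing import Dict, FrozenSet, List, Tuple

Route = Tuple[str, str]  # (HTTP method, path)

# Constructed set of application routes. In a real service this list would
# be taken from the router so the audit sees exactly what is exposed.
ROUTES: List[Route] = [
    ("GET", "/"),
    ("GET", "/account"),
    ("POST", "/account/transfer"),
    ("GET", "/admin/users"),
    ("POST", "/admin/users/delete"),
]


@dataclass
class Policy:
    # Explicit rule per route: the set of roles allowed to call it.
    rules: Dict[Route, FrozenSet[str]]
    # What happens to a route that has no rule. True is the misconfiguration.
    default_allow: bool = False


def is_authorized(policy: Policy, role: str, method: str, path: str) -> bool:
    """Decide a single request against the policy."""
    allowed = policy.rules.get((method, path))
    if allowed is None:
        # No rule: the outcome depends entirely on the default.
        return policy.default_allow
    return role in allowed


def audit_policy(policy: Policy, routes: List[Route]) -> List[str]:
    """Return human-readable findings; an empty list means the policy is consistent."""
    findings: List[str] = []
    if policy.default_allow:
        findings.append("policy is allow-by-default: any route without a rule is open to everyone")
    for method, path in routes:
        if (method, path) not in policy.rules:
            findings.append(f"no access rule for {method} {path}")
    for (method, path), roles in policy.rules.items():
        if (method, path) not in routes:
            findings.append(f"rule for unknown route {method} {path} (stale configuration)")
        if not roles:
            findings.append(f"rule for {method} {path} admits no role (legitimate use blocked)")
    return findings


# Weak configuration (constructed): allow-by-default, and the delete endpoint
# was added to the application but never to the policy.
WEAK_POLICY = Policy(
    rules={
        ("GET", "/"): frozenset({"anonymous", "user", "admin"}),
        ("GET", "/account"): frozenset({"user", "admin"}),
        ("POST", "/account/transfer"): frozenset({"user", "admin"}),
        ("GET", "/admin/users"): frozenset({"admin"}),
    },
    default_allow=True,
)

# Hardened configuration (constructed): deny-by-default, every route listed.
HARDENED_POLICY = Policy(
    rules={
        ("GET", "/"): frozenset({"anonymous", "user", "admin"}),
        ("GET", "/account"): frozenset({"user", "admin"}),
        ("POST", "/account/transfer"): frozenset({"user", "admin"}),
        ("GET", "/admin/users"): frozenset({"admin"}),
        ("POST", "/admin/users/delete"): frozenset({"admin"}),
    },
    default_allow=False,
)


if __name__ == "__main__":
    for name, policy in (("weak", WEAK_POLICY), ("hardened", HARDENED_POLICY)):
        verdict = is_authorized(policy, "anonymous", "POST", "/admin/users/delete")
        print(f"{name}: anonymous POST /admin/users/delete -> {verdict}")
        for finding in audit_policy(policy, ROUTES) or ["no findings"]:
            print("   ", finding)
```

Running the audit as a test in the deployment pipeline turns the "many opportunities for mistakes" the description warns about into a failing build rather than an exposed endpoint: a route added without a rule is caught before the service is reachable.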

Example Instances

For example, an incorrectly configured Web server may allow unauthorized access to it, thus threatening the security of the Web application.

Taxonomy Mappings

Taxonomy Name    Entry ID    Entry Name
ATTACK           1574.010    Hijack Execution Flow: Services File Permissions Weaknesses

Key Information

CAPEC ID: CAPEC-180

Abstraction: Standard

Status: Draft

Typical Severity: Medium

Likelihood of Attack: High

Related Attack Patterns