CAPEC-166: Force the System to Reset Values

An attacker forces the target into a previous state in order to leverage potential weaknesses in the target dependent upon a prior configuration or state-dependent factors. Even in cases where an attacker may not be able to directly control the configuration of the targeted application, they may be able to reset the configuration to a prior state since many applications implement reset functions.

Medium

Typical severity

Per MITRE

Not rated

Likelihood of attack

Per MITRE

Related weaknesses

CWEs this targets

Standard

Abstraction

MITRE classification

Overview

Since these functions are usually intended as emergency features to return an application to a stable configuration if the current configuration degrades functionality, they may not be as strongly secured as other configuration options. The resetting of values is dangerous as it may enable undesired functionality, disable services, or modify access controls. At the very least this is a nuisance attack since the administrator will need to re-apply their configuration. At worst, this attack can open avenues for powerful attacks against the application, and, if it isn't obvious that the configuration has been reset, these vulnerabilities may be present a long time before they are notices.

CAPEC-166: Force the System to Reset Values

Overview

What the attacker needs

Prerequisites

Resources required

Frequently asked questions

What is CAPEC-166?

What weaknesses does CAPEC-166 target?

How severe is CAPEC-166?

References

Defend against CAPEC-166

Overview

What the attacker needs

Prerequisites

Resources required

Related weaknesses

Related attack patterns

Parent

Frequently asked questions

What is CAPEC-166?

What weaknesses does CAPEC-166 target?

How severe is CAPEC-166?

References

Defend against CAPEC-166