CAPEC-176: Configuration/Environment Manipulation

An attacker manipulates files or settings external to a target application which affect the behavior of that application. For example, many applications use external configuration files and libraries - modification of these entities or otherwise affecting the application's ability to use them would constitute a configuration/environment manipulation attack.

Medium

Typical severity

Per MITRE

Not rated

Likelihood of attack

Per MITRE

Related weaknesses

CWEs this targets

Overview

CAPEC-176 (Configuration/Environment Manipulation) is a meta-level attack pattern catalogued by MITRE in the Common Attack Pattern Enumeration and Classification (CAPEC). It describes a recurring method attackers use to exploit software weaknesses.

CAPEC-176: Configuration/Environment Manipulation

Overview

What the attacker needs

Prerequisites

Resources required

Terminology & mappings

Mapped taxonomies

Frequently asked questions

What is CAPEC-176?

What weaknesses does CAPEC-176 target?

How severe is CAPEC-176?

References

Defend against CAPEC-176

Overview

What the attacker needs

Prerequisites

Resources required

Related weaknesses

Related attack patterns

Child

Terminology & mappings

Mapped taxonomies

Frequently asked questions

What is CAPEC-176?

What weaknesses does CAPEC-176 target?

How severe is CAPEC-176?

References

Defend against CAPEC-176