CAPEC-212: Functionality Misuse
An adversary leverages a legitimate capability of an application in such a way as to achieve a negative technical impact. The system functionality is not altered or modified but used in a way that was not intended. This is often accomplished through the overuse of a specific functionality or by leveraging functionality with design flaws that enable the adversary to gain access to unauthorized, sensitive data.
Overview
CAPEC-212 (Functionality Misuse) is a meta-level attack pattern catalogued by MITRE in the Common Attack Pattern Enumeration and Classification (CAPEC). It describes a recurring method attackers use to exploit software weaknesses.
What the attacker needs
Prerequisites
- The adversary has the capability to interact with the application directly.
- The target system does not adequately implement safeguards to prevent misuse of authorized actions/processes.
Skills required
- Low skill: General computer knowledge about how applications are launched, how they interact with input/output, and how they are configured.
Consequences
What a successful CAPEC-212 attack can achieve.
Gain Privileges
Affects: Confidentiality
A successful attack of this kind can compromise the confidentiality of an authorized user's credentials.
Other
Affects: Confidentiality, Integrity, Availability
Depending on the adversary's intended technical impact, a successful attack of this kind can compromise any or all elements of the security triad.
How to mitigate it
Defenses that reduce the risk of CAPEC-212.
- Perform comprehensive threat modeling, a process of identifying, evaluating, and mitigating potential threats to the application. This effort can help reveal potentially obscure application functionality that can be manipulated for malicious purposes.