CAPEC-268: Audit Log Manipulation

The attacker injects, manipulates, deletes, or forges malicious log entries into the log file, in an attempt to mislead an audit of the log file or cover tracks of an attack. Due to either insufficient access controls of the log files or the logging mechanism, the attacker is able to perform such actions.

Not rated

Typical severity

Per MITRE

Not rated

Likelihood of attack

Per MITRE

Related weaknesses

CWEs this targets

Standard

Abstraction

MITRE classification

Overview

CAPEC-268 (Audit Log Manipulation) is a standard-level attack pattern catalogued by MITRE in the Common Attack Pattern Enumeration and Classification (CAPEC). It describes a recurring method attackers use to exploit software weaknesses.

CAPEC-268: Audit Log Manipulation

Overview

What the attacker needs

Prerequisites

Resources required

Terminology & mappings

Mapped taxonomies

Frequently asked questions

What is CAPEC-268?

What weaknesses does CAPEC-268 target?

References

Defend against CAPEC-268

Overview

What the attacker needs

Prerequisites

Resources required

Related weaknesses

Related attack patterns

Parent

Child

Terminology & mappings

Mapped taxonomies

Frequently asked questions

What is CAPEC-268?

What weaknesses does CAPEC-268 target?

References

Defend against CAPEC-268