CAPEC-295: Timestamp Request

This pattern of attack leverages standard requests to learn the exact time associated with a target system. An adversary may be able to use the timestamp returned from the target to attack time-based security algorithms, such as random number generators, or time-based authentication mechanisms.

Low

Typical severity

Per MITRE

Not rated

Likelihood of attack

Per MITRE

Related weaknesses

CWEs this targets

Detailed

Abstraction

MITRE classification

Overview

CAPEC-295 (Timestamp Request) is a detailed-level attack pattern catalogued by MITRE in the Common Attack Pattern Enumeration and Classification (CAPEC). It describes a recurring method attackers use to exploit software weaknesses.

CAPEC-295: Timestamp Request

Overview

What the attacker needs

Prerequisites

Resources required

Consequences

Examples

Terminology & mappings

Mapped taxonomies

Frequently asked questions

What is CAPEC-295?

What weaknesses does CAPEC-295 target?

How severe is CAPEC-295?

References

Defend against CAPEC-295

Overview

What the attacker needs

Prerequisites

Resources required

Consequences

Examples

Related weaknesses

Related attack patterns

Parent

Terminology & mappings

Mapped taxonomies

Frequently asked questions

What is CAPEC-295?

What weaknesses does CAPEC-295 target?

How severe is CAPEC-295?

References

Defend against CAPEC-295