How do you prevent CAPEC-472?

Configuration: Disable Java Script in the browser

What weaknesses does CAPEC-472 target?

CAPEC-472 exploits 1 CWE weakness, including CWE-200 (Exposure of Sensitive Information to an Unauthorized Actor).

How severe is CAPEC-472?

MITRE rates CAPEC-472 as Low severity.

CAPEC-472: Browser Fingerprinting

An attacker carefully crafts small snippets of Java Script to efficiently detect the type of browser the potential victim is using. Many web-based attacks need prior knowledge of the web browser including the version of browser to ensure successful exploitation of a vulnerability. Having this knowledge allows an attacker to target the victim with attacks that specifically exploit known or zero day weaknesses in the type and version of the browser used by the victim. Automating this process via Java Script as a part of the same delivery system used to exploit the browser is considered more efficient as the attacker can supply a browser fingerprinting method and integrate it with exploit code, all contained in Java Script and in response to the same web page request by the browser.

Last updated June 1, 2026

Low

Typical severity

Per MITRE

Not rated

Likelihood of attack

Per MITRE

Related weaknesses

CWEs this targets

Detailed

Abstraction

MITRE classification

CAPEC-472: Browser Fingerprinting

CAPEC-472: Browser Fingerprinting

Overview

What the attacker needs

Prerequisites

How to mitigate it

Examples

Parent

Frequently asked questions

What is CAPEC-472?

How do you prevent CAPEC-472?

What weaknesses does CAPEC-472 target?

How severe is CAPEC-472?

References

Defend against CAPEC-472

Overview

What the attacker needs

Prerequisites

How to mitigate it

Examples

Related weaknesses

Related attack patterns

Parent

Frequently asked questions

What is CAPEC-472?

How do you prevent CAPEC-472?

What weaknesses does CAPEC-472 target?

How severe is CAPEC-472?

References

Defend against CAPEC-472