CAPEC-510: SaaS User Request Forgery

An adversary, through a previously installed malicious application, performs malicious actions against a third-party Software as a Service (SaaS) application (also known as a cloud based application) by leveraging the persistent and implicit trust placed on a trusted user's session. This attack is executed after a trusted user is authenticated into a cloud service, "piggy-backing" on the authenticated session, and exploiting the fact that the cloud service believes it is only interacting with the trusted user. If successful, the actions embedded in the malicious application will be processed and accepted by the targeted SaaS application and executed at the trusted user's privilege level.

Medium

Typical severity

Per MITRE

High

Likelihood of attack

Per MITRE

Related weaknesses

CWEs this targets

Standard

Abstraction

MITRE classification

CAPEC-510: SaaS User Request Forgery

Overview

What the attacker needs

Prerequisites

Skills required

How to mitigate it

Frequently asked questions

What is CAPEC-510?

How do you prevent CAPEC-510?

What weaknesses does CAPEC-510 target?

How severe is CAPEC-510?

References

Defend against CAPEC-510