CAPEC-545: Pull Data from System Resources

An adversary who is authorized or has the ability to search known system resources, does so with the intention of gathering useful information. System resources include files, memory, and other aspects of the target system. In this pattern of attack, the adversary does not necessarily know what they are going to find when they start pulling data. This is different than CAPEC-150 where the adversary knows what they are looking for due to the common location.

Not rated

Typical severity

Per MITRE

Not rated

Likelihood of attack

Per MITRE

Related weaknesses

CWEs this targets

Standard

Abstraction

MITRE classification

Overview

CAPEC-545 (Pull Data from System Resources) is a standard-level attack pattern catalogued by MITRE in the Common Attack Pattern Enumeration and Classification (CAPEC). It describes a recurring method attackers use to exploit software weaknesses.

CAPEC-545: Pull Data from System Resources

Overview

Terminology & mappings

Mapped taxonomies

Frequently asked questions

What is CAPEC-545?

What weaknesses does CAPEC-545 target?

References

Defend against CAPEC-545

Overview

Related weaknesses

Related attack patterns

Parent

Child

Related

Terminology & mappings

Mapped taxonomies

Frequently asked questions

What is CAPEC-545?

What weaknesses does CAPEC-545 target?

References

Defend against CAPEC-545