Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CAPEC-194:Fake the Source of Data
Attack Pattern ID:194
Version:v3.9
Attack Pattern Name:Fake the Source of Data
Abstraction:Standard
Status:Stable
Likelihood of Attack:
Typical Severity:Medium
DetailsContent HistoryRelated WeaknessesReports
1Weaknesses found
CWE-287
Improper Authentication
ShareView Details
Improper Authentication
Likelihood of Exploit-High
Mapping-Discouraged
Abstraction-Class
Found in3887CVEs

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

Impacts-
Read Application DataGain Privileges or Assume IdentityExecute Unauthorized Code or Commands
Tags-
High exploitLibraries or FrameworksICS/OT (technology class)Execute Unauthorized Code or Commands (impact)Read Application Data (impact)Gain Privileges or Assume Identity (impact)
As Seen In-
2019 CWE Top 25 Most Dangerous Software Errors2021 CWE Top 25 Most Dangerous Software2020 CWE Top 25 Most Dangerous Software2022 CWE Top 25 Most Dangerous Software2023 CWE Top 25 Most Dangerous Software2024 CWE Top 25 Most Dangerous SoftwareOriginally Used by NVD from 2008 to 2016Simplified Mapping of Published Vulnerabilities