Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CAPEC-546:Incomplete Data Deletion in a Multi-Tenant Environment
Attack Pattern ID:546
Version:v3.9
Attack Pattern Name:Incomplete Data Deletion in a Multi-Tenant Environment
Abstraction:Detailed
Status:Draft
Likelihood of Attack:Low
Typical Severity:Medium
DetailsContent HistoryRelated WeaknessesReports
▼Description
An adversary obtains unauthorized information due to insecure or incomplete data deletion in a multi-tenant environment. If a cloud provider fails to completely delete storage and data from former cloud tenants' systems/resources, once these resources are allocated to new, potentially malicious tenants, the latter can probe the provided resources for sensitive information still there.
▼Extended Description
▼Alternate Terms
▼Relationships
NatureTypeIDName
ChildOfS545Pull Data from System Resources
Nature: ChildOf
Type: Standard
ID: 545
Name: Pull Data from System Resources
▼Execution Flow
▼Prerequisites
The cloud provider must not assuredly delete part or all of the sensitive data for which they are responsible.The adversary must have the ability to interact with the system.
▼Skills Required
Low

The adversary requires the ability to traverse directory structure.

▼Resources Required
▼Indicators
▼Consequences
ScopeLikelihoodImpactNote
ConfidentialityN/ARead DataA successful attack that probes application memory will compromise the confidentiality of that data.
Scope: Confidentiality
Likelihood: N/A
Impact: Read Data
Note: A successful attack that probes application memory will compromise the confidentiality of that data.
▼Mitigations
Cloud providers should completely delete data to render it irrecoverable and inaccessible from any layer and component of infrastructure resources.
Deletion of data should be completed promptly when requested.
▼Example Instances
▼Related Weaknesses
IDName
CWE-1266Improper Scrubbing of Sensitive Data from Decommissioned Device
CWE-1272Sensitive Information Uncleared Before Debug/Power State Transition
CWE-284Improper Access Control
ID: CWE-1266
Name: Improper Scrubbing of Sensitive Data from Decommissioned Device
ID: CWE-1272
Name: Sensitive Information Uncleared Before Debug/Power State Transition
ID: CWE-284
Name: Improper Access Control
▼Taxonomy Mappings
Taxonomy NameEntry IDEntry Name
▼Notes
▼References
Reference ID: REF-461
Title: Assured Deletion in the Cloud: Requirements, Challenges and Future Directions
Author: Kopo M. Ramokapane, Awais Rashid, Jose M. Such
Publication:
Association for Computing Machinery (ACM)
Publisher:Proceedings of the 2016 ACM on Cloud Computing Security Workshop
Edition:
URL:https://nms.kcl.ac.uk/jose.such/pubs/Assured_deletion.pdf
URL Date:
Day:N/A
Month:N/A
Year:N/A
Details not found