Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CAPEC-561:Windows Admin Shares with Stolen Credentials
Attack Pattern ID:561
Version:v3.9
Attack Pattern Name:Windows Admin Shares with Stolen Credentials
Abstraction:Detailed
Status:Draft
Likelihood of Attack:
Typical Severity:
DetailsContent HistoryRelated WeaknessesReports
7Weaknesses found
CWE-262
Not Using Password Aging
ShareView Details
Not Using Password Aging
Likelihood of Exploit-Low
Mapping-Allowed
Abstraction-Base
Found in3CVEs

The product does not have a mechanism in place for managing password aging.

Impacts-
Gain Privileges or Assume Identity
Tags-
Low exploitGain Privileges or Assume Identity (impact)
As Seen In-
CWE Cross-section
CWE-263
Password Aging with Long Expiration
ShareView Details
Password Aging with Long Expiration
Likelihood of Exploit-Low
Mapping-Allowed
Abstraction-Base
Found in1CVEs

The product supports password aging, but the expiration period is too long.

Impacts-
Gain Privileges or Assume Identity
Tags-
Low exploitGain Privileges or Assume Identity (impact)
As Seen In-
CWE Cross-section
CWE-294
Authentication Bypass by Capture-replay
ShareView Details
Authentication Bypass by Capture-replay
Likelihood of Exploit-High
Mapping-Allowed
Abstraction-Base
Found in177CVEs

A capture-replay flaw exists when the design of the product makes it possible for a malicious user to sniff network traffic and bypass authentication by replaying it to the server in question to the same effect as the original message (or with minor changes).

Impacts-
Gain Privileges or Assume Identity
Tags-
High exploitGain Privileges or Assume Identity (impact)
As Seen In-
CWE Cross-section
CWE-308
Use of Single-factor Authentication
ShareView Details
Use of Single-factor Authentication
Likelihood of Exploit-High
Mapping-Allowed
Abstraction-Base
Found in7CVEs

The use of single-factor authentication can lead to unnecessary risk of compromise when compared with the benefits of a dual-factor authentication scheme.

Impacts-
Bypass Protection Mechanism
Tags-
High exploitBypass Protection Mechanism (impact)
As Seen In-
CWE Cross-section
CWE-309
Use of Password System for Primary Authentication
ShareView Details
Use of Password System for Primary Authentication
Likelihood of Exploit-High
Mapping-Allowed
Abstraction-Base
Found in0CVEs

The use of password systems as the primary means of authentication may be subject to several flaws or shortcomings, each reducing the effectiveness of the mechanism.

Impacts-
Bypass Protection MechanismGain Privileges or Assume Identity
Tags-
High exploitBypass Protection Mechanism (impact)Gain Privileges or Assume Identity (impact)
As Seen In-
Not Available
CWE-521
Weak Password Requirements
ShareView Details
Weak Password Requirements
Likelihood of Exploit-Not Available
Mapping-Allowed
Abstraction-Base
Found in226CVEs

The product does not require that users should have strong passwords, which makes it easier for attackers to compromise user accounts.

Impacts-
Gain Privileges or Assume Identity
Tags-
Gain Privileges or Assume Identity (impact)
As Seen In-
CWE Cross-section
CWE-522
Insufficiently Protected Credentials
ShareView Details
Insufficiently Protected Credentials
Likelihood of Exploit-Not Available
Mapping-Allowed-with-Review
Abstraction-Class
Found in1192CVEs

The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

Impacts-
Gain Privileges or Assume Identity
Tags-
ICS/OT (technology class)Gain Privileges or Assume Identity (impact)
As Seen In-
2021 CWE Top 25 Most Dangerous Software2020 CWE Top 25 Most Dangerous SoftwareCWE Cross-section