CAPEC-690: Metadata Spoofing

Description
<p>An adversary alters the metadata of a resource (e.g., file, directory, repository, etc.) to present a malicious resource as legitimate/credible.<p>
Extended Description

One approach to this attack entails the adversary altering a maliciously modified resource's metadata in order to hide their malicious activity. Another approach involves altering the metadata of an adversary-created resource to make the source appear more credible. Adversaries may spoof a variety of metadata across a number of resources, such as the following:

  • Authors of Version Control System (VCS) repository commits
  • Open source package statistics
  • File attributes, such as when a file was last update
    • The ultimate goal of a Metadata Spoofing attack is to trick victims into believing the malicious resource being provided originates from a reputable source. However, the victim instead leverages the malicious resource, which could result in a number of negative technical impacts.

Severity :

High

Possibility :

Medium

Type :

Meta
Relationships with other CAPECs

This table shows the other attack patterns and high level categories that are related to this attack pattern.

Prerequisites

This table shows the other attack patterns and high level categories that are related to this attack pattern.

  • Identification of a resource whose metadata is to be spoofed
Skills required

This table shows the other attack patterns and high level categories that are related to this attack pattern.

  • Medium Ability to spoof a variety of metadata to convince victims the source is trusted
Taxonomy mappings

Mappings to ATT&CK, OWASP and other frameworks.

Related CWE

A Related Weakness relationship associates a weakness with this attack pattern. Each association implies a weakness that must exist for a given attack to be successful.

Visit http://capec.mitre.org/ for more details.

© cvefeed.io
Latest DB Update: Nov. 22, 2024 6:52