CAPEC-691: Spoof Open-Source Software Metadata
Description
Extended Description
Because open-source software is so widely used, it is an attractive attack vector for adversaries: a single malicious component can lead to the compromise of numerous systems and applications. Adversaries may therefore spoof the metadata of open-source software in order to trick victims into downloading and using their malicious software. Examples of metadata that may be spoofed include:
- Owner of the software (e.g., repository or package owner)
- Author(s) of repository commits
- Frequency of repository commits
- Date/Time of repository commits
- Package or Repository "stars"
Once the malicious software component has been integrated into an underlying application or executed on a system, the adversary can achieve a wide range of negative technical impacts within that system or application. This often occurs without any indication of compromise.
Severity: High
Possibility: Medium
Type: Standard
Relationships with other CAPECs
This table shows the other attack patterns and high level categories that are related to this attack pattern.
Prerequisites
- Identification of a popular open-source component whose metadata is to be spoofed.
Skills required
- Medium: Ability to spoof a variety of software metadata to convince victims the source is trusted.
Taxonomy mappings
Mappings to ATT&CK, OWASP and other frameworks.
Related CWE
A Related Weakness relationship associates a weakness with this attack pattern. Each association implies a weakness that must exist for a given attack to be successful.
Visit http://capec.mitre.org/ for more details.