CAPEC-114 Metadata
Likelihood of Attack
Medium
Typical Severity
Medium
Overview
Summary
An attacker obtains unauthorized access to an application, service or device, either through knowledge of the inherent weaknesses of an authentication mechanism or by exploiting a flaw in the authentication scheme's implementation. In such an attack, the authentication mechanism is functioning, but a carefully controlled sequence of events causes it to grant access to the attacker.
Prerequisites
An authentication mechanism or subsystem implementing some form of authentication (such as passwords, digest authentication, security certificates, etc.) that is flawed in some way.
Potential Solutions / Mitigations
No specific solutions listed.
Related Weaknesses (CWE)
Taxonomy Mappings
Taxonomy: ATTACK
Entry ID | Entry Name |
---|---|
1548 | Abuse Elevation Control Mechanism |