CAPEC-154 Metadata
Likelihood of Attack
Medium
Typical Severity
Medium
Overview
Summary
An adversary deceives an application or user and convinces them to request a resource from an unintended location. By spoofing the location, the adversary can cause an alternate resource to be used, often one that the adversary controls and can be used to help them achieve their malicious goals.
Prerequisites
None. All applications rely on file paths and therefore, in theory, they or their resources could be affected by this type of attack.
Potential Solutions / Mitigations
Monitor network activity to detect any anomalous or unauthorized communication exchanges.
Related Weaknesses (CWE)
| CWE ID | Description |
|---|---|
| CWE-451 | User Interface (UI) Misrepresentation of Critical Information |
Stay Ahead of Attack Patterns
Understanding CAPEC patterns helps security professionals anticipate and thwart potential attacks. Leverage these insights to enhance threat modeling, strengthen your software development lifecycle, and train your security teams effectively.