CAPEC-179 Metadata
Likelihood of Attack
Medium
Typical Severity
Medium
Overview
Summary
An attacker discovers and queries micro-services at a web location, gathering information about their implementation and function and thereby exposing them to further exploitation. Micro-services in web pages allow portions of a page to connect to the server and update content without forcing the entire page to update. This lets user activity change portions of the page more quickly without causing disruptions elsewhere.
Prerequisites
The target site must use micro-services that interact with the server, and one or more of these micro-services must be vulnerable to some other attack pattern.
Potential Solutions / Mitigations
No specific solutions listed.
Related CAPECs
CAPEC ID | Description |
---|---|
CAPEC-554 | An adversary attacks a system by bypassing some or all functionality intended to protect it. Often, a system user will think that protection is in place, but the functionality behind those protections has been disabled by the adversary. |