CAPEC-546 Metadata
Likelihood of Attack
Low
Typical Severity
Medium
Overview
Summary
An adversary obtains unauthorized information due to insecure or incomplete data deletion in a multi-tenant environment. If a cloud provider fails to completely delete storage and data from former cloud tenants' systems/resources, once these resources are allocated to new, potentially malicious tenants, the latter can probe the provided resources for sensitive information still there.
Prerequisites
The cloud provider must not assuredly delete part or all of the sensitive data for which they are responsible.The adversary must have the ability to interact with the system.
Potential Solutions / Mitigations
Cloud providers should completely delete data to render it irrecoverable and inaccessible from any layer and component of infrastructure resources. Deletion of data should be completed promptly when requested.
Related Weaknesses (CWE)
Related CAPECs
| CAPEC ID | Description |
|---|---|
| CAPEC-545 | An adversary who is authorized or has the ability to search known system resources, does so with the intention of gathering useful information. System resources include files, memory, and other aspects of the target system. In this pattern of attack, the adversary does not necessarily know what they are going to find when they start pulling data. This is different than CAPEC-150 where the adversary knows what they are looking for due to the common location. |
Stay Ahead of Attack Patterns
Understanding CAPEC patterns helps security professionals anticipate and thwart potential attacks. Leverage these insights to enhance threat modeling, strengthen your software development lifecycle, and train your security teams effectively.