CAPEC Attack Patterns

CAPEC attack patterns scored by proportion of reachable CVEs with active exploitation.

444 capec attack patterns scored · Page 4 of 5

critical-risk

high-risk

moderate-risk

low-risk

442

Attack Pattern	Score	Tier
Exponential Data Expansion	3/100	low-risk
Data Interchange Protocol Manipulation	3/100	low-risk
Amplification	3/100	low-risk
Web Services Protocol Manipulation	3/100	low-risk
Quadratic Data Expansion	3/100	low-risk
SOAP Manipulation	3/100	low-risk
SOAP Array Blowup	3/100	low-risk
TCP Fragmentation	3/100	low-risk
UDP Fragmentation	3/100	low-risk
Reflection Attack in Authentication Protocol	3/100	low-risk
Sniff Application Code	3/100	low-risk
SaaS User Request Forgery	3/100	low-risk
XML Flood	3/100	low-risk
Signature Spoofing by Improper Validation	3/100	low-risk
Leveraging/Manipulating Configuration File Search Paths	3/100	low-risk
Query System for Information	3/100	low-risk
Signature Spoofing by Mixing Signed and Unsigned Content	3/100	low-risk
Collect Data from Registries	2/100	low-risk
Collect Data from Screen Capture	2/100	low-risk
Client-Server Protocol Manipulation	2/100	low-risk
Spoofing of UDDI/ebXML Messages	2/100	low-risk
JSON Hijacking (aka JavaScript Hijacking)	2/100	low-risk
Fuzzing for application mapping	2/100	low-risk
Content Spoofing	2/100	low-risk
Application API Navigation Remapping	2/100	low-risk
Cross Site Identification	2/100	low-risk
Blue Boxing	2/100	low-risk
Transaction or Event Tampering via Application API Manipulation	2/100	low-risk
Navigation Remapping To Propagate Malicious Content	2/100	low-risk
Application API Message Manipulation via Man-in-the-Middle	2/100	low-risk
Exploitation of Improperly Controlled Hardware Security Identifiers	2/100	low-risk
Bypassing ATA Password Security	2/100	low-risk
Log Injection-Tampering-Forging	2/100	low-risk
Application API Button Hijacking	2/100	low-risk
Rooting SIM Cards	2/100	low-risk
Transparent Proxy Abuse	2/100	low-risk
Browser in the Middle (BiTM)	2/100	low-risk
Cryptanalysis	2/100	low-risk
Drop Encryption Level	2/100	low-risk
Collect Data from Clipboard	2/100	low-risk
Cryptanalysis of Cellular Encryption	2/100	low-risk
Probe Audio and Video Peripherals	2/100	low-risk
Weakening of Cellular Encryption	2/100	low-risk
Cross-Domain Search Timing	2/100	low-risk
Phishing	1/100	low-risk
Mobile Phishing	1/100	low-risk
Search Order Hijacking	1/100	low-risk
Resource Location Spoofing	1/100	low-risk
Contradictory Destinations in Traffic Routing Schemes	1/100	low-risk
Android Activity Hijack	1/100	low-risk
HTTP Verb Tampering	1/100	low-risk
Schema Poisoning	1/100	low-risk
Harvesting Information via API Event Monitoring	1/100	low-risk
Modification of Registry Run Keys	1/100	low-risk
Application Fingerprinting	1/100	low-risk
Retrieve Embedded Sensitive Data	1/100	low-risk
Rainbow Table Password Cracking	1/100	low-risk
Web Application Fingerprinting	1/100	low-risk
ICMP IP 'ID' Field Error Message Probe	1/100	low-risk
ICMP IP Total Length Field Probe	1/100	low-risk
Action Spoofing	1/100	low-risk
Configuration/Environment Manipulation	1/100	low-risk
Forced Deadlock	1/100	low-risk
Checksum Spoofing	1/100	low-risk
Replace Winlogon Helper DLL	1/100	low-risk
System Footprinting	1/100	low-risk
DNS Blocking	1/100	low-risk
IP Address Blocking	1/100	low-risk
Traffic Injection	1/100	low-risk
Connection Reset	1/100	low-risk
TCP RST Injection	1/100	low-risk
Email Injection	1/100	low-risk
WiFi MAC Address Tracking	1/100	low-risk
WiFi SSID Tracking	1/100	low-risk
Evil Twin Wi-Fi Attack	1/100	low-risk
Manipulate Registry Information	1/100	low-risk
Cellular Broadcast Message Request	1/100	low-risk
Signal Strength Tracking	1/100	low-risk
Analysis of Packet Timing and Sizes	1/100	low-risk
Electromagnetic Side-Channel Attack	1/100	low-risk
Compromising Emanations Attack	1/100	low-risk
Integer Attacks	1/100	low-risk
Exploiting Incorrectly Configured SSL/TLS	1/100	low-risk
Resource Injection	1/100	low-risk
WSDL Scanning	1/100	low-risk
Target Programs with Elevated Privileges	1/100	low-risk
System Location Discovery	1/100	low-risk
DHCP Spoofing	1/100	low-risk
Interception	1/100	low-risk
Infrastructure Manipulation	1/100	low-risk
Spear Phishing	1/100	low-risk
Leveraging Active Adversary in the Middle Attacks to Bypass Same Origin Policy	1/100	low-risk
Mobile Device Fault Injection	0/100	low-risk
Hardware Fault Injection	0/100	low-risk
Lifting Sensitive Data Embedded in Cache	0/100	low-risk
iFrame Overlay	0/100	low-risk
Cellular Traffic Intercept	0/100	low-risk
Clickjacking	0/100	low-risk
NoSQL Injection	0/100	low-risk
Exploitation of Improperly Configured or Implemented Memory Protections	0/100	low-risk

« Prev 1 2 3 4 5 Next »