Control Strategy SuspendServiceVulnerableToXSS

URI: CSG-SuspendServiceVulnerableToXSS-Trigger

Description: Service Service may be temporarily disabled by the manager of its host HostManager to prevent a known vulnerability being exploited in a cross-site scripting attack. This strategy represents a contingency plan, which can be used to reduce risk from some threats but it may triggers other threats representing possible side effects, depending on how likely it is that the contingency plan will need to be activated.

(empty)

CSG-SuspendServiceVulnerableToXSS-Trigger

P.A.HuDFrXSS.6

Service Service disabled to prevent XSS attack on Client via its input Data from FlowsFrom: if service Service is disabled by HostManager to prevent XSS attacks using malicious content injected via Data from FlowsFrom, this will make the service unavailable.

P.A.HuDFsXSS.6

Service Service disabled to prevent XSS attack on Client injected via input Data from FlowsFrom: if service Service is disabled to prevent XSS attacks on Client injected via input Data from FlowsFrom, then Service will be unavailable.

P.A.HuDSrXSS.6

Service Service disabled to prevent XSS attack on Client via its input Data: if service Service is disabled to prevent XSS attacks using malicious content injected via locally stored inpuut Data, this will make the service unavailable.

P.A.HuDSsXSS.6

Service Service disabled to prevent XSS attack on Client injected via local input Data: if service Service is disabled to prevent XSS attacks on Client injected via input Data, then Service will be unavailable.

SuspendVulnerableService at Role_Service

SystemSecurityTraining at Role_HostManager

Control Strategy SuspendServiceVulnerableToXSS

Mitigated Threats (0)

Blocked Threats (0)

Triggers Threats (4)

P.A.HuDFrXSS.6

P.A.HuDFsXSS.6

P.A.HuDSrXSS.6

P.A.HuDSsXSS.6

Control Sets (2)