Threat CC.AuP.PCCPCCS-i.3

URI: CC.AuP.PCCPCCS-i.3

Description: Access via Client to Process via reverse proxy Service: if client Client is a reverse proxy whose client is untrustworthy, then so (in a more limited sense) is Service.

Threat Type: Primary Threat

Matching Pattern:

MP-PCCPCCS-i

Finds a reverse proxy accessing another reverse proxy that uses a service, via the associated client channels, and optionally the second reverse proxy manager, where there is no credential sharing between the reverse proxies and back-end service.

(empty)

LossOfProxyUserTW at Role_ProxyChannel

(empty)

Threat CC.AuP.PCCPCCS-i.3

MP-PCCPCCS-i

Triggered by Threat (0)

Triggers Secondary Threats (0)

Triggered By Control Strategy (0)

Misbehaviour Sets (1)

Control Strategies (0)