Threat DS.Auth.HDS-V.4

URI: DS.Auth.HDS-V.4

Package: VulnerabilityCVSS

< prev | next >

Description: Attacker exploit at Host alters stored copy of Data: the attacker exploits a vulnerability in device Host and is able to alter the stored copy of Data on the device.

Threat Type: Primary Threat

Matching Pattern:

DS.Auth.HDS-V.4
MP-HDS-V

Finds a copy of Data not encrypted with a key from a vault, stored on a Host, and the Physical Host where this is deployed.

        (empty)

        (empty)

CSG-DataStorageEncryption

The copy of Data stored on Host is encrypted.

CSG-SuspendVulnerableHost

Device Host may be temporarily disabled by its manager HostManager to prevent vulnerabilities being exploited by potential attackers. This strategy represents a contingency plan, which can be used to reduce risk from some threats but it may triggers other threats representing possible side effects, depending on how likely it is that the contingency plan will need to be activated.

CSG-SuspendVulnerableHost-Implementation-Runtime

Device Host has been disabled by its manager HostManager to prevent a known vulnerability being exploited by an attacker. This strategy represents activation of a contingency plan at runtime, and can be selected to discover what effect this would have on risk levels, allowing this to be used for decision support calculations. To activate it at runtime, signal user HostManager who is responsible for managing the device. The Disabled Host control should be deselected only when the host has been restarted.