Threat DS.Auth.HPsACdpDS-V.4

URI: DS.Auth.HPsACdpDS-V.4

Package: VulnerabilityCVSS

< prev | next >

Description: Attacker exploit at Process alters output Data stored on Host: the attacker exploits a vulnerability in process Process and is able to alter the stored copy of Data updated by the process on its host device Host.

Threat Type: Primary Threat

Matching Pattern:

DS.Auth.HPsACdpDS-V.4
MP-HPsACdpDS-V

Finds a host running a Process with write/delete access (crudd) to a locally stored data copy not controlled by a key vault, which it also processes, plus the data access asset representing the data deserialization, the access contexts for the process on this host, any data fields included in the stored data, and optionally the host manager.

        (empty)

        (empty)

CSG-EncryptedDataProcessing

Process Process uses homomorphic encryption technology to perform calculations on data Data in an encrypted domain, allowing it to process the data without first decrypting.

CSG-SuspendVulnerableProcess

Process Process may be temporarily disabled by the manager of its host HostManager to prevent vulnerabilities being exploited by potential attackers. This strategy represents a contingency plan, which can be used to reduce risk from some threats but it may triggers other threats representing possible side effects, depending on how likely it is that the contingency plan will need to be activated.

CSG-SuspendVulnerableProcess-Implementation-Runtime

Process Process has been disabled by the manager of its host HostManager to prevent a known vulnerability being exploited by an attacker. This strategy represents activation of a contingency plan at runtime, and can be selected to discover what effect this would have on risk levels, allowing this to be used for decision support calculations. To activate it at runtime, signal user HostManager who is responsible for managing device Host where Process is running. The Disabled Process control should be deselected only when the process has been restarted.