Threat H.M.SHmACRLnSAC.1

URI: H.M.SHmACRLnSAC.1

Description: Use of login via RemoteAccessService to control Host in Space: anyone with local rights (i.e. at command shell level) for root remote access service RemoteAccessService controlling Host when it is in location Space also has admin rights on Host in the same context.

Threat Type: Primary Threat

Matching Pattern:

MP-SHmACRLnSAC

Finds a remote access service controlling a shell host in a space, and a location access context to the process, related host access contexts and optionally the host manager.

(empty)

H.M.HmAC.0

Root access to Host in all contexts by unauthorized agents: if untrustworthy actors gain admin rights on a host, the best case trustworthiness of the host in any context is degraded.

H.M.HsAC.0

Root access to Host in any context by an unauthorized agent: if an untrustworthy actor gains admin rights on a host, the worst case trustworthiness of the host in any context is degraded.

(empty)

Threat H.M.SHmACRLnSAC.1

MP-SHmACRLnSAC

Triggered by Threat (0)

Triggers Secondary Threats (2)

H.M.HmAC.0

H.M.HsAC.0

Triggered By Control Strategy (0)

Misbehaviour Sets (0)

Control Strategies (0)