URI: P.IS.HP.8
Package: Network
< prev | next >
Description: Process Process in service: if host Host is in service, then Process running on Host will also be in service and subject to attack, unless explicitly disabled.
Threat Type: Primary Threat
Matching Pattern:
Finds a Process and its Host, and optionally the host manager and the interactive user of the process.
(empty)
Service Process serves an unauthentic stored copy of data Data to FlowsTo: if the locally stored copy of Data on Host served by Process is unauthentic, so will the flow of Data served to FlowsTo.
Unauthentic data Data from FlowsFrom forwarded by Process to FlowsTo: if the flow of data Data from process FlowsFrom to process Process is unauthentic, so is the forwarded flow to FlowsTo.
Service Process serves a corrupt stored copy of data Data to FlowsTo: if the locally stored copy of Data on Host served by Process is corrupt, so will the flow of Data served to FlowsTo.
Loss of reliability at Process corrupts outbound flow of data Data to FlowsTo: if there is a loss of reliability at process Process it may send corrupt output Data to FlowsTo.
Corrupt data Data from FlowsFrom forwarded by Process to FlowsTo: if the flow of data Data from process FlowsFrom to process Process is corrupt, so is the forwarded flow to FlowsTo.
Service Process serves an infected stored copy of data Data to FlowsTo: if the locally stored copy of Data on Host served by Process is infected by malware, so will the flow of Data served to FlowsTo.
Infected data Data from FlowsFrom forwarded by Process to FlowsTo: if the flow of data Data from process FlowsFrom to process Process is infected by malware, so is the forwarded flow to FlowsTo.
Flow of unauthentic data Data from FlowsFrom is stored by data service Process: if the flow of data Data from FlowsFrom to Process is unauthentic, then so will be the copy saved locally on device Host by Process.
Flow of corrupt data Data from FlowsFrom is stored by data service Process: if the flow of data Data from FlowsFrom to Process is corrupt, then so will be the copy saved locally on device Host by Process.
Unreliable process Process corrupts locally stored copy of Data: if process Process is not reliable, it may accidentally corrupt a copy of Data stored on its host device Host, to which it has write access.
Flow of infected data Data from FlowsFrom is stored by data service Process: if the flow of data Data from FlowsFrom to Process is infected by malware, then so will be the copy saved locally on device Host by Process.
User Human affected by output Data from unreliable process Process: if process Process is unreliable, any output it provides for display to interactive user Human is likely to be incorrect and may affect the user.
CSG-DisableProcess-Runtime
Process Process is disabled to prevent it being involved in an attack. This strategy represents a run-time adaptation in response to a threat, which may or may not be following some contingency plan. It also triggers threats representing side effects that would be caused by such an action.