Threat P.L.CSAPNaS.3

URI: P.L.CSAPNaS.3

Description: Remote control of service Service using a back door from LogicalSubnet: an attacker with access to LogicalSubnet can exploit a privileged network path to Service via that subnet, and use a previously installed back door to take control of the service, gaining access to the rights of Service on SHost.

Threat Type: Primary Threat

Matching Pattern:

MP-CSAPNaS

Finds a host running a service, a closed service attack path to the service from a logical subnet, the location access contexts where the service is accessible via this attack path, and optionally the managers of the service and its host.

(empty)

P.L.HPmAC.0

Access to the rights of Process by unauthorized agents in all contexts : if untrustworthy actors gain access to Host with the rights of Process, the best case trustworthiness of its users in any context is degraded.

P.L.HPsAC.0

Access to the rights of Process by unauthorized agents in any context: if an untrustworthy actor gains access to Host with the rights of Process in any context, the worst case trustworthiness of its users in any context is degraded.

(empty)

LocalLossOfUserTW at Role_ProcAccess

CSG-DisableServiceChannel-Runtime

Firewall rules that normally allow access to service Service by clients on otherwise blocked network paths are switched off to prevent an attack. This strategy may represent a run-time adaptation in response to a threat, or a permanent restriction introduced by design or in accordance with an operational policy or user preference to avoid accessing Service over certain networks. It also triggers threats representing side effects that would be caused by such a restriction where they affect all available network paths used by a client.

Threat P.L.CSAPNaS.3

MP-CSAPNaS

Triggered by Threat (0)

Triggers Secondary Threats (2)

P.L.HPmAC.0

P.L.HPsAC.0

Triggered By Control Strategy (0)

Misbehaviour Sets (1)

Control Strategies (1)