Threat P.L.SHLnSACPmAC.1

URI: P.L.SHLnSACPmAC.1

Description: Use of login via RemoteAccessService to control Process on Host in Space: anyone with local rights (i.e. at command shell level) for remote access service RemoteAccessService controlling the collocated process Process on Host when it is in location Space also has control of Process in that context.

Threat Type: Primary Threat

Matching Pattern:

MP-SHLnSACPmAC

Finds a remote access service controlling a process running on a shell host in a space, and a location access context to the remote access service, related process access contexts and optionally the process manager.

(empty)

P.L.HPmAC.0

Access to the rights of Process by unauthorized agents in all contexts : if untrustworthy actors gain access to Host with the rights of Process, the best case trustworthiness of its users in any context is degraded.

P.L.HPsAC.0

Access to the rights of Process by unauthorized agents in any context: if an untrustworthy actor gains access to Host with the rights of Process in any context, the worst case trustworthiness of its users in any context is degraded.

(empty)

Threat P.L.SHLnSACPmAC.1

MP-SHLnSACPmAC

Triggered by Threat (0)

Triggers Secondary Threats (2)

P.L.HPmAC.0

P.L.HPsAC.0

Triggered By Control Strategy (0)

Misbehaviour Sets (0)

Control Strategies (0)