Threat P.V.CCCSACvLS.2

URI: P.V.CCCSACvLS.2

Description: Adjacent authenticated exploit as Client on service Service from LogicalSubnet: an attacker able to authenticate as client Client and access Service via an adjacent subnet LogicalSubnet used by Client can send a message with malicious content that, after authentication, can exploit a bug in Service.

Threat Type: Primary Threat

Matching Pattern:

MP-CCCSACvLS

Finds a Client with a Client Channel to a Service via an adjacent L2 subnet, plus their hosts, all related access contexts at the Service, and optionally the client user and the service and service host managers.

(empty)

LossOfExploitTW at Role_ProcAccess

LossOfExploitTW at Role_Service

CSG-PatchingAtService

Use a systematic procedure for regular security patching of software used (including hosted process Service) on device SHost, and have a contingency plan included in the system operating policies and practices for HostManager to manually apply patches immediately for Service should the need for them become urgent.

CSG-PatchingAtService-Implementation

Represents a situation in which software patches have been applied manually by HostManager to eliminate vulnerabilities in process Service. This strategy represents activation of a contingency plan at runtime, and can be selected to discover what effect this would have on risk levels, allowing this to be used for decision support calculations. Note that this should only be considered if a suitable software patch is available. To implement this at runtime, signal the responsible user HostManager.

Threat P.V.CCCSACvLS.2

MP-CCCSACvLS

Triggered by Threat (0)

Triggers Secondary Threats (0)

Triggered By Control Strategy (0)

Misbehaviour Sets (2)

Control Strategies (2)