Trustworthiness Attribute Extrinsic-AU-TW

URI: Extrinsic-AU-TW

Package: VulnerabilityCVSS

< prev | next >

Description: Free of software vulnerabilities that can be accessed without authentication.

This attribute is undermined by the misbehaviour LossOfExtrinsic-AU-TW

Host

A device that can store, process, transmit or receive data.

Process

Represents a process (usually implemented by software running on a Host) that can read, update or create data, or exchange data with other processes.

Extrinsic-AU-TW
H.V.CHS-iP.3

Local anonymous exploit on host Host in Space: an attacker with physical access to the console of device Host in Space is able to exploit a bug in Host.
Extrinsic-AU-TW
H.V.HL1HS.3

Anonymous exploit on device Host in Space via connection with RemoteHost: an attacker with access to RemoteHost in location Space can send a malicious message via its pairing connection with Host that, without authentication, can exploit a bug in Host.
Extrinsic-AU-TW
H.V.IoH.3

Remote anonymous exploit on device Host from AttackerSubnet via LogicalSubnet: an attacker with access to the subnet AttackerSubnet can send a malicious message via the network to device Host via LogicalSubnet that, without authentication, can exploit a vulnerability in Host.
Extrinsic-AU-TW
H.V.LoH.3

Adjacent anonymous exploit on device Host from LogicalSubnet: an attacker with local access to the subnet LogicalSubnet to which device Host is connected can send a message containing malicious content designed to exploit a bug in Host, without authentication.
Extrinsic-AU-TW
H.V.NoH.3

Remote anonymous exploit on device Host from AttackerSubnet via LogicalSubnet: an attacker with access to the subnet AttackerSubnet can send a malicious message via the network to device Host via LogicalSubnet that, without authentication, can exploit a vulnerability in Host.
Extrinsic-AU-TW
H.W.HIoH.3

Remote malware exploit on device Host from LogicalSubnet: an attacker with access to subnet LogicalSubnet sends a message containing malicious content designed to exploit a bug in Host and install itself there, without authentication.
Extrinsic-AU-TW
H.W.HLoH.3

Adjacent malware exploit on device Host from RemoteHost: malware on device RemoteHost sends a message containing malicious content designed to exploit a bug in Host and install itself there, without authentication.
Extrinsic-AU-TW
H.W.HRoH.3

Remote malware exploit on device Host from RemoteHost: malware on device RemoteHost sends a message containing malicious content designed to exploit a bug in Host and install itself there, without authentication.
Extrinsic-AU-TW
P.V.CSAPNaS.3

Remote anonymous exploit on service Service from LogicalSubnet: an attacker with access to a subnet LogicalSubnet can use a privileged network path to service Service and send a message containing malicious content that, without authentication, can exploit a bug in Service.
Extrinsic-AU-TW
P.V.OSAPLaS.3

Adjacent anonymous exploit on service Service from LogicalSubnet: an attacker with access to a subnet LogicalSubnet can exploit firewall policy exceptions enabling access to service Service and send a message containing malicious content that, without authentication, can exploit a bug in Service.
Extrinsic-AU-TW
P.V.OSAPNaS.3

Remote anonymous exploit on service Service from LogicalSubnet: an attacker with access to a subnet LogicalSubnet can use a privileged network path to service Service and send a message containing malicious content that, without authentication, can exploit a bug in Service.
Extrinsic-AU-TW
SC.A.HuSAPmSC.6.2

Suspended channels to vulnerable service Service via LogicalSubnet cuts availability: the firewall rules allowing access to service Service via LogicalSubnet may be suspended if necessary to prevent attacks. However, this cuts privileged network paths, so communication with Service via that subnet will become unavailable.