Threat Event
An attacker manipulates files or settings external to a target application which affect the behavior of that application. For example, many applications use external configuration files and libraries - modification of these entities or otherwise affecting the application's ability to use them would constitute a configuration/environment manipulation attack.
|
|
| ID | CAPEC-176 |
| Latest Sync Date | 11/05/25 15:15:38 |
| Original ID | 176 |
| Abstraction | Meta |
| Status | Draft |
| Alternate Terms | |
| Likelihood Of Attack | |
| Typical Severity | Medium |
| Related Attack Patterns | |
| Execution Flow | |
| Prerequisites | ::The target application must consult external files or configuration controls to control its execution. All but the very simplest applications meet this requirement.:: |
| Skills Required | |
| Resources Required | ::The attacker must have the access necessary to affect the files or other environment items the targeted application uses for its operations.:: |
| Indicators | |
| Consequences | |
| Mitigations | |
| Example Instances | |
| Related Weaknesses | ::15::1233::1234::1304::1328:: |
| Taxonomy Mappings | TAXONOMY NAME:OWASP Attacks:ENTRY NAME:Setting Manipulation:: |
| Notes | |