This difference report was created to show both changes in content and changes resulting from migrating to the new CAPEC 3.0 Schema. A difference report from CAPEC Version 2.12 to CAPEC Version 3.0 would be a result of schema changes and not reflect updated content.
CAPEC --> CWE
Mappings Added
|
CAPEC-120 Double Encoding |
--> |
CWE-20 |
Improper Input Validation |
--> |
CWE-21 |
Pathname Traversal and Equivalence Errors |
--> |
CWE-74 |
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') |
--> |
CWE-171 |
Cleansing, Canonicalization, and Comparison Errors |
--> |
CWE-172 |
Encoding Error |
--> |
CWE-173 |
Improper Handling of Alternate Encoding |
--> |
CWE-177 |
Improper Handling of URL Encoding (Hex Encoding) |
--> |
CWE-181 |
Incorrect Behavior Order: Validate Before Filter |
--> |
CWE-183 |
Permissive Whitelist |
--> |
CWE-184 |
Incomplete Blacklist |
--> |
CWE-692 |
Incomplete Blacklist to Cross-Site Scripting |
--> |
CWE-697 |
Insufficient Comparison |
CAPEC-159 Redirect Access to Libraries |
--> |
CWE-426 |
Untrusted Search Path |
--> |
CWE-427 |
Uncontrolled Search Path Element |
--> |
CWE-428 |
Unquoted Search Path or Element |
CAPEC-177 Create files with the same name as files protected with a higher classification |
--> |
CWE-706 |
Use of Incorrectly-Resolved Name or Reference |
CAPEC-192 Protocol Analysis |
--> |
CWE-326 |
Inadequate Encryption Strength |
CAPEC-194 Fake the Source of Data |
--> |
CWE-287 |
Improper Authentication |
CAPEC-201 XML Entity Linking |
--> |
CWE-829 |
Inclusion of Functionality from Untrusted Control Sphere |
CAPEC-203 Manipulate Registry Information |
--> |
CWE-15 |
External Control of System or Configuration Setting |
CAPEC-206 Signing Malicious Code |
--> |
CWE-732 |
Incorrect Permission Assignment for Critical Resource |
CAPEC-221 XML External Entities Blowup |
--> |
CWE-611 |
Improper Restriction of XML External Entity Reference ('XXE') |
CAPEC-253 Remote Code Inclusion |
--> |
CWE-829 |
Inclusion of Functionality from Untrusted Control Sphere |
CAPEC-271 Schema Poisoning |
--> |
CWE-15 |
External Control of System or Configuration Setting |
--> |
CWE-472 |
External Control of Assumed-Immutable Web Parameter |
CAPEC-276 Inter-component Protocol Manipulation |
--> |
CWE-707 |
Improper Enforcement of Message or Data Structure |
CAPEC-279 SOAP Manipulation |
--> |
CWE-674 |
Uncontrolled Recursion |
CAPEC-285 ICMP Echo Request Ping |
--> |
CWE-200 |
Information Exposure |
CAPEC-287 TCP SYN Scan |
--> |
CWE-200 |
Information Exposure |
CAPEC-290 Enumerate Mail Exchange (MX) Records |
--> |
CWE-200 |
Information Exposure |
CAPEC-291 DNS Zone Transfers |
--> |
CWE-200 |
Information Exposure |
CAPEC-292 Host Discovery |
--> |
CWE-200 |
Information Exposure |
CAPEC-293 Traceroute Route Enumeration |
--> |
CWE-200 |
Information Exposure |
CAPEC-294 ICMP Address Mask Request |
--> |
CWE-200 |
Information Exposure |
CAPEC-295 Timestamp Request |
--> |
CWE-200 |
Information Exposure |
CAPEC-296 ICMP Information Request |
--> |
CWE-200 |
Information Exposure |
CAPEC-297 TCP ACK Ping |
--> |
CWE-200 |
Information Exposure |
CAPEC-298 UDP Ping |
--> |
CWE-200 |
Information Exposure |
CAPEC-299 TCP SYN Ping |
--> |
CWE-200 |
Information Exposure |
CAPEC-300 Port Scanning |
--> |
CWE-200 |
Information Exposure |
CAPEC-301 TCP Connect Scan |
--> |
CWE-200 |
Information Exposure |
CAPEC-302 TCP FIN Scan |
--> |
CWE-200 |
Information Exposure |
CAPEC-303 TCP Xmas Scan |
--> |
CWE-200 |
Information Exposure |
CAPEC-304 TCP Null Scan |
--> |
CWE-200 |
Information Exposure |
CAPEC-305 TCP ACK Scan |
--> |
CWE-200 |
Information Exposure |
CAPEC-306 TCP Window Scan |
--> |
CWE-200 |
Information Exposure |
CAPEC-307 TCP RPC Scan |
--> |
CWE-200 |
Information Exposure |
CAPEC-308 UDP Scan |
--> |
CWE-200 |
Information Exposure |
CAPEC-309 Network Topology Mapping |
--> |
CWE-200 |
Information Exposure |
CAPEC-310 Scanning for Vulnerable Software |
--> |
CWE-200 |
Information Exposure |
CAPEC-312 Active OS Fingerprinting |
--> |
CWE-200 |
Information Exposure |
CAPEC-313 Passive OS Fingerprinting |
--> |
CWE-200 |
Information Exposure |
CAPEC-317 IP ID Sequencing Probe |
--> |
CWE-200 |
Information Exposure |
CAPEC-318 IP 'ID' Echoed Byte-Order Probe |
--> |
CWE-200 |
Information Exposure |
CAPEC-319 IP (DF) 'Don't Fragment Bit' Echoing Probe |
--> |
CWE-200 |
Information Exposure |
CAPEC-320 TCP Timestamp Probe |
--> |
CWE-200 |
Information Exposure |
CAPEC-321 TCP Sequence Number Probe |
--> |
CWE-200 |
Information Exposure |
CAPEC-322 TCP (ISN) Greatest Common Divisor Probe |
--> |
CWE-200 |
Information Exposure |
CAPEC-323 TCP (ISN) Counter Rate Probe |
--> |
CWE-200 |
Information Exposure |
CAPEC-324 TCP (ISN) Sequence Predictability Probe |
--> |
CWE-200 |
Information Exposure |
CAPEC-325 TCP Congestion Control Flag (ECN) Probe |
--> |
CWE-200 |
Information Exposure |
CAPEC-326 TCP Initial Window Size Probe |
--> |
CWE-200 |
Information Exposure |
CAPEC-327 TCP Options Probe |
--> |
CWE-200 |
Information Exposure |
CAPEC-328 TCP 'RST' Flag Checksum Probe |
--> |
CWE-200 |
Information Exposure |
CAPEC-329 ICMP Error Message Quoting Probe |
--> |
CWE-200 |
Information Exposure |
CAPEC-330 ICMP Error Message Echoing Integrity Probe |
--> |
CWE-200 |
Information Exposure |
CAPEC-441 Malicious Logic Insertion |
--> |
CWE-284 |
Improper Access Control |
CAPEC-478 Modification of Windows Service Configuration |
--> |
CWE-285 |
Improper Authorization |
CAPEC-479 Malicious Root Certificate |
--> |
CWE-284 |
Improper Access Control |
CAPEC-499 Intent Intercept |
--> |
CWE-925 |
Improper Verification of Intent by Broadcast Receiver |
CAPEC-501 Activity Hijack |
--> |
CWE-923 |
Improper Restriction of Communication Channel to Intended Endpoints |
CAPEC-536 Data Injected During Configuration |
--> |
CWE-284 |
Improper Access Control |
CAPEC-546 Probe Application Memory |
--> |
CWE-284 |
Improper Access Control |
CAPEC-555 Remote Services with Stolen Credentials |
--> |
CWE-522 |
Insufficiently Protected Credentials |
CAPEC-573 Process Footprinting |
--> |
CWE-200 |
Information Exposure |
CAPEC-574 Services Footprinting |
--> |
CWE-200 |
Information Exposure |
CAPEC-575 Account Footprinting |
--> |
CWE-200 |
Information Exposure |
CAPEC-576 Group Permission Footprinting |
--> |
CWE-200 |
Information Exposure |
CAPEC-577 Owner Footprinting |
--> |
CWE-200 |
Information Exposure |
CAPEC-578 Disable Security Software |
--> |
CWE-285 |
Improper Authorization |
CAPEC-586 Object Injection |
--> |
CWE-502 |
Deserialization of Untrusted Data |
CAPEC-633 Token Impersonation |
--> |
CWE-287 |
Improper Authentication |
CAPEC-634 Probe Audio and Video Peripherals |
--> |
CWE-267 |
Privilege Defined With Unsafe Actions |
CAPEC-635 Alternative Execution Due to Deceptive Filenames |
--> |
CWE-162 |
Improper Neutralization of Trailing Special Elements |
CAPEC-637 Collect Data from Clipboard |
--> |
CWE-267 |
Privilege Defined With Unsafe Actions |
CAPEC-639 Probe System Files |
--> |
CWE-552 |
Files or Directories Accessible to External Parties |
CAPEC-640 Inclusion of Code in Existing Process |
--> |
CWE-706 |
Use of Incorrectly-Resolved Name or Reference |
CAPEC-641 DLL Side-Loading |
--> |
CWE-706 |
Use of Incorrectly-Resolved Name or Reference |
CAPEC-642 Replace Binaries |
--> |
CWE-732 |
Incorrect Permission Assignment for Critical Resource |
CAPEC-643 Identify Shared Files/Directories on System |
--> |
CWE-200 |
Information Exposure |
--> |
CWE-267 |
Privilege Defined With Unsafe Actions |
CAPEC-644 Use of Captured Hashes (Pass The Hash) |
--> |
CWE-522 |
Insufficiently Protected Credentials |
CAPEC-645 Use of Captured Tickets (Pass The Ticket) |
--> |
CWE-522 |
Insufficiently Protected Credentials |
CAPEC-646 Peripheral Footprinting |
--> |
CWE-200 |
Information Exposure |
CAPEC-647 Collect Data from Registries |
--> |
CWE-285 |
Improper Authorization |
CAPEC-648 Collect Data from Screen Capture |
--> |
CWE-267 |
Privilege Defined With Unsafe Actions |
CAPEC-649 Adding a Space to a File Extension |
--> |
CWE-64 |
Windows Shortcut Following (.LNK) |
CAPEC-650 Upload a Web Shell to a Web Server |
--> |
CWE-553 |
Command Shell in Externally Accessible Directory |
CAPEC-651 Eavesdropping |
--> |
CWE-200 |
Information Exposure |