Elevation of privilege – authorization

Threat Description

A threat aimed at gaining privileged access to resources, either to obtain unauthorized access to information or to compromise a system.

Threat Target

Network Infrastructure.

Attacker Steps

After authenticating to the system, an attacker can upload a remote shell to manipulate the server remotely. If any configurations or patches are missing, the hacker can take advantage of the flaw and escalate his/her privileges.

Counter-measure

  • Always scanning servers for missing patches and missing configurations
  • Monitoring the applications for any suspicious activities
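
One way to make the monitoring counter-measure concrete, as an added example that is not part of the original page: it flags uploads of files the server would execute and raises the severity when such a file is later requested successfully. The key=value log format, the field names and the extension list are assumptions made for illustration.

```python
import re
from pathlib import PurePosixPath

# Constructed sample log lines in a hypothetical key=value format (not from the page).
SAMPLE_LOG = """\
ts=2024-05-01T10:00:01 user=alice action=upload path=/uploads/report.pdf status=201
ts=2024-05-01T10:02:10 user=bob action=upload path=/uploads/tool.jsp status=201
ts=2024-05-01T10:02:30 user=bob action=request path=/uploads/tool.jsp status=200
ts=2024-05-01T10:05:00 user=carol action=upload path=/uploads/notes.php status=201
ts=2024-05-01T10:06:00 user=alice action=request path=/uploads/report.pdf status=200
"""

# Assumption: file types this server would interpret rather than serve as static data.
EXECUTABLE_EXTS = {".php", ".jsp", ".jspx", ".asp", ".aspx", ".cgi"}
FIELD = re.compile(r"(\w+)=(\S+)")
REQUIRED = {"ts", "user", "action", "path", "status"}


def parse(line):
    """Turn one key=value log line into a dict."""
    return dict(FIELD.findall(line))


def find_suspicious_uploads(log_text):
    """Return one finding per uploaded server-executable file.

    Severity is "high" when the uploaded file was later requested with a
    successful status (upload followed by execution), otherwise "medium".
    """
    findings = {}
    for line in log_text.splitlines():
        ev = parse(line)
        if not REQUIRED <= ev.keys():
            continue  # skip malformed lines instead of crashing the monitor
        path, ok = ev["path"], ev["status"].startswith("2")
        if ev["action"] == "upload" and ok:
            if PurePosixPath(path).suffix.lower() in EXECUTABLE_EXTS:
                findings[path] = {"path": path, "uploader": ev["user"],
                                  "uploaded_at": ev["ts"], "severity": "medium"}
        elif ev["action"] == "request" and ok and path in findings:
            findings[path]["severity"] = "high"
            findings[path]["requested_by"] = ev["user"]
    return list(findings.values())


if __name__ == "__main__":
    for finding in find_suspicious_uploads(SAMPLE_LOG):
        print(finding)
```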

Existing Counter-measure

  • Intrusion Detection Systems
  • Smart Data Loss Prevention Systems
  • Smart Firewalls
  • Network Separation using VLANs and Firewalls

 

The DREAD report is as follows:

| DREAD | Details | Score /10 |
|---|---|---|
| Damage | The damage is very high in this case because the hacker will own the system and the network as well. | 10 |
| Reproducibility | It can be reproduced any time when the countermeasures are not implemented. | 10 |
| Exploitability | The attack can be executed by an intermediate skill hacker. | 9 |
| Affected Users | Between 100 and probably more than 1,000. | 7 |
| Discoverability | The flaw can be discovered internally because the admin console is not accessible to the outside perimeter. | 6 |
| Total | | 8.4 |
