Consequences of exploitation

Consequence Definition
Bypass Security Circumvent security restrictions such as authentication, firewall, proxy, IDS/IPS system, or virus scanner
Cross-Site Scripting The impact of cross-site scripting varies depending on the targeted application or victim user, but can include such consequences as sensitive information disclosure, session hijacking, spoofing, site redirection, or website defacement
Data Manipulation Manipulate data used or stored by the host associated with the service or application
Denial of Service Crash or disrupt a service or system
File Manipulation Create, delete, read, modify, or overwrite files
Gain Access Obtain local and remote access to an application or system. This also includes vulnerabilities by which an attacker can execute code or commands, because this usually allows the attacker to gain access to the underlying service or operating system
Gain Privileges An attacker using valid credentials can obtain elevated privileges for an application or system
Obtain Information Obtain information such as file and path names, source code, passwords, or server configuration details
Other Anything not covered by the other categories
Unknown The consequence cannot be determined based on insufficient information
Topic revision: r2 - 2014-02-24 - JimSkon
 
This site is powered by the TWiki collaboration platformCopyright &© by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback