Dear CAPEC community,We have realized that CAPEC-37 can also be related with CWE-284. Having improper access control can lead to the disclosure of sensitive data embedded within the system (For example, sensitive files, certificates and tokens, etc.).
What do you think about it ? Best regards, Avi and Nan
