Hi Avi and Nan,

Thanks for you suggestion.  I have put in a tracker item for it.

Thanks for your interest in CAPEC.


Rich Piazza
CAPEC Task Leader
Lead Cyber Security Engineer
The MITRE Corporation
MITRE - Solving Problems for a Safer World™

From: Nan MESSE <lunanan4178...@gmail.com>
Date: Friday, March 3, 2023 at 10:23 AM
To: CAPEC Researcher Discussion <capec-research-list@mitre.org>
Cc: Avi Shaked <avi.sha...@cs.ox.ac.uk>
Subject: Suggestion to improve CAPEC 37
Dear CAPEC community,

We have realized that CAPEC-37 can also be related with CWE-284. Having
improper access control can lead to the disclosure of sensitive data
embedded within the system (For example, sensitive files, certificates
and tokens, etc.).

What do you think about it ?

Best regards,

Avi and Nan

Reply via email to