Hi Avi and Nan,
Thanks for you suggestion. I have put in a tracker item for it.
Thanks for your interest in CAPEC.
Rich
--
Rich Piazza
CAPEC Task Leader
Lead Cyber Security Engineer
The MITRE Corporation
781-271-3760
MITRE - Solving
Dear CAPEC community,
We have realized that CAPEC-37 can also be related with CWE-284. Having
improper access control can lead to the disclosure of sensitive data
embedded within the system (For example, sensitive files, certificates
and tokens, etc.).
What do you think about it ?
Best