Hi Avi and Nan,
Thanks for you suggestion. I have put in a tracker item for it.
Thanks for your interest in CAPEC.
CAPEC Task Leader
Lead Cyber Security Engineer
The MITRE Corporation
MITRE - Solving Problems for a Safer World™
From: Nan MESSE
Date: Friday, March 3, 2023 at 10:23 AM
To: CAPEC Researcher Discussion
Cc: Avi Shaked
Subject: Suggestion to improve CAPEC 37
Dear CAPEC community,
We have realized that CAPEC-37 can also be related with CWE-284. Having
improper access control can lead to the disclosure of sensitive data
embedded within the system (For example, sensitive files, certificates
and tokens, etc.).
What do you think about it ?
Avi and Nan