Loading EN-304-625.md +22 −12 Original line number Diff line number Diff line Loading @@ -1956,21 +1956,31 @@ Mitigations for Impact: * High to Low: NTFY, WDOG, LOGG, TBD - see FIXME above **[TH-DDOS]:** Attacker may exploit vulnerabilities in the product to attack other products. #### C.4.3.8 TH-DDOS: Denial of service attack on other products via exploitation of vulnerabilities | Risk factors | Likelihood | |--------------------------------|------------| | (SFT > 1 or NET > 1) & COM > 1 | High | | (SFT = 1 or NET = 1) & COM > 1 | Medium | | (SFT < 1 & NET < 1) or COM = 0 | Low | Attacker may exploit vulnerabilities in the product to attack other products. | Risk factors | Impact | |--------------|--------| | DOS = 2 | High | | DOS = 1 | Medium | | DOS = 0 | Low | | Risk factors | Likelihood | Security profiles | |-------------------------------|------------|------------------------------| | NET = 0 or COM = 0 or ADM = 0 | Low | WD-1 | | all others | Medium | WD-2, WD-3, WD-4, WL-1, VI-1 | | NET = 2 & COM = 2 & ADM = 2 | High | WL-2, WL-3, VI-2 | | Risk factors | Impact | Security profiles | |--------------|--------|-------------------| | DOS = 2 | High | TBD | | DOS = 1 | Medium | TBD | | DOS = 0 | Low | TBD | Requirements that mitigate this threat: NKEV, LMII, LMAS, LOGG, VULH All mitigations from TH-KEVU apply, plus Mitigations for Likelihood: * Medium to Low: VULH Requirements: AVAI, LMII, LMAS, LOGG, VULH * High to Low: VULH **[TH-MQSE]:** Attacker may masquerade as an authorized server to get unauthorized access to product assets. Loading Loading
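Review bot: In the three-column Likelihood table for TH-DDOS, the catch-all row `all others | Medium` sits above the `NET = 2 & COM = 2 & ADM = 2 | High` row, so a reader who evaluates the rows top to bottom can stop at Medium for a product that should rate High. Move `all others` to the last row so the two explicit conditions are checked first. The Impact table's Security profiles column is `TBD` in all three rows; mark it with a FIXME like the one referenced just above this hunk so the placeholder is tracked. The line `All mitigations from TH-KEVU apply, plus` runs straight into `Requirements: AVAI, LMII, LMAS, LOGG, VULH` without punctuation, so end it with a colon or fold the two into one sentence. If the `Medium to Low: VULH` and `High to Low: VULH` bullets are being dropped, the section no longer states which requirement lowers which likelihood level, and that mapping should be kept or explicitly deferred to TH-KEVU.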