@@ -1940,19 +1940,19 @@ Attacker may use host system or network access for a denial-of-service attack on
Requirements that mitigate this threat: AUTH, AVAI, LMII, LOGG
FIXME: Need to add mitigations for fast packet drop, limiting memory allocations until authenticated, rate-limiting by source, round-robin queues, etc.
TODO: Need to add mitigations for fast packet drop, limiting memory allocations until authenticated, rate-limiting by source, round-robin queues, etc.
Mitigations for Likelihood:
* Medium to Low: TBD - has to be outsourced to environment?
* Medium to Low: TODO: has to be outsourced to environment?
* High to Low: TBD - has to be outsourced to environment?
* High to Low: TODO: has to be outsourced to environment?
Mitigations for Impact:
* Medium to Low: (NTFY or WDOG), LOGG, TBD - see FIXME above
* Medium to Low: (NTFY or WDOG), LOGG, TODO: see TODO above
* High to Low: NTFY, WDOG, LOGG, TBD - see FIXME above
* High to Low: NTFY, WDOG, LOGG, TODO: see TODO above
#### C.4.3.8 TH-DDOS: Denial of service attack on other products via exploitation of vulnerabilities
