Commit db9fa393 authored by Valerie Aurora (Bow Shock)

Update MSQE risk formula and mitigations

parent a4e32f9f
+13 −13
@@ -1978,24 +1978,24 @@ Mitigations for Impact:
Attacker may masquerade as an authorized server to get unauthorized access to product assets.

| Risk factors | Likelihood | Security profiles                |
|----------------------|------------|----------------------------------------------------|
| TNET = 0 or ADMN = 0 | Low        | LR, IoT-1,                                         |
| all others           | Medium     | IoT-2, IoT-3, RO-1, OT-\*, WE-1, PC-2, LA-2, SE-\* |
| TNET = 2 & ADMN = 2  | High       | MOB-1, PC-1, LA-1                                  |
|--------------|------------|----------------------------------|
| TNET = 0     | Low        | LR, IoT-1                       |
| TNET = 1     | Medium     | IoT-2, IoT-3, RO-1, OT-\*, WE-1  |
| TNET = 2     | High       | MOB-1, PC-\*, LA-\*, PS-1, SE-\* |

| Risk factors                    | Impact | Security profiles                                        |
|---------------------------------|--------|----------------------------------------------------------------------|
|---------------------------------|--------|----------------------------------------------------------|
| max(PPII, SNDS, SNDT, SENF) = 0 | Low    | LR, IoT-1                                                |
| max(PPII, SNDS, SNDT, SENF) = 1 | Medium | IoT-2, IoT-3                                             |
| max(PPII, SNDS, SNDT, SENF) = 2 | High   | WE-2, RO-1, IoT-3, WE-1, PC-\*, LA-1, PS-1, OT-1, MOB-1, LA-2, SE-\* |
| max(PPII, SNDS, SNDT, SENF) = 2 | High   | RO-1, OT-1, WE-2, MOB-1, WE-1, PC-\*, LA-\*, PS-1, SE-\* |

Requirements that mitigate this threat: CDTX, CRYP, IDTX, AUTH, SCUD, LOGG
Requirements that mitigate this threat: CDTX, CRYP, IDTX, AUTH, LOGG

Mitigations for Likelihood:

* Medium to Low: AUTH, SUDC, (SUVP or SUAP or SUOE or SUAO), CDTX, CRYP, IDTX
* Medium to Low: AUTH, SUDC, CDTX, CRYP, IDTX

* High to Low: AUTH, SUDC, (SUAP or SUAO), CDTX, CRYP, IDTX
* High to Low: AUTH, SUDC, CDTX, CRYP, IDTX

Mitigations for Impact:
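
Review bot: In the "Mitigations for Likelihood" list at the end of this hunk, both the "Medium to Low" and "High to Low" replacement lines still require SUDC, but the updated "Requirements that mitigate this threat" line (CDTX, CRYP, IDTX, AUTH, LOGG) removes SCUD and does not list SUDC, so the summary does not cover every requirement the mitigations call for. If SCUD was a transposition of SUDC, correct it rather than delete it; otherwise add SUDC to the list. The two replacement lines are also now identical (AUTH, SUDC, CDTX, CRYP, IDTX), so either merge them into one entry or state what more is needed to bring High down to Low. The likelihood table also stops using ADMN as a risk factor and moves SE-* and all PC and LA profiles to High; the commit message does not say why, so a sentence of rationale in the message or the document would help.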