CAPEC-CAPEC-37 - CERT CVE
Naziv

Retrieve Embedded Sensitive Data

Sažetak An attacker examines a target system to find sensitive data that has been embedded within it. This information can reveal confidential contents, such as account numbers or individual keys/credentials that can be used as an intermediate step in a larger attack.
Preduvjeti In order to feasibly execute this type of attack, some valuable data must be present in client software.|Additionally, this information must be unprotected, or protected in a flawed fashion, or through a mechanism that fails to resist reverse engineering, statistical, or other attack.
Rješenja no