CCC.Core.TH01: Access is Granted to Unauthorized Users

Threat ID: CCC.Core.TH01
Title: Access is Granted to Unauthorized Users
Description:

Logic designed to give different permissions to different entities may be misconfigured or manipulated, allowing unauthorized entities to access restricted parts of the service, its data, or its child resources. This could result in a loss of data confidentiality or tolerance of unauthorized actions which impact the integrity and availability of resources and data.

Related Capabilities

| ID | Title | Description |
| --- | --- | --- |
| CCC.Core.CP06 | Access Control | The service automatically enforces user configurations to restrict or allow access to a specific component or a child resource based on factors such as user identities, roles, groups, or attributes. |
| CCC.Core.CP29 | Active Ingestion | While running, the service can receive inputs, commands, or data streams from external sources such as dedicated APIs, exposed network ports, message queues, and persistent data ingestion channels. |

External Mappings

| Reference ID | Entry ID | Strength | Remarks |
| --- | --- | --- | --- |
| MITRE-ATT&CK | T1078 | 0 | Valid Accounts |
| MITRE-ATT&CK | T1548 | 0 | Abuse Elevation Control Mechanism |
| MITRE-ATT&CK | T1203 | 0 | Exploitation for Credential Access |
| MITRE-ATT&CK | T1098 | 0 | Account Manipulation |
| MITRE-ATT&CK | T1484 | 0 | Domain or Tenant Policy Modification |
| MITRE-ATT&CK | T1546 | 0 | Event Triggered Execution |
| MITRE-ATT&CK | T1537 | 0 | Transfer Data to Cloud Account |
| MITRE-ATT&CK | T1567 | 0 | Exfiltration Over Web Service |
| MITRE-ATT&CK | T1048 | 0 | Exfiltration Over Alternative Protocol |
| MITRE-ATT&CK | T1485 | 0 | Data Destruction |
| MITRE-ATT&CK | T1565 | 0 | Data Manipulation |
| MITRE-ATT&CK | T1027 | 0 | Obfuscated Files or Information |

Controls

| ID | Title | Objective | Control Family | Threat Mappings | Guideline Mappings | Assessment Requirements |
| --- | --- | --- | --- | --- | --- | --- |
| CCC.SecMgmt.CN01 | Enforce Automatic Secret Rotation | Ensure that secrets are automatically rotated on a defined schedule to reduce the risk of secret compromise and unauthorized access. | Data Protection | 2 | 3 | 1 |