Common Attack Pattern Enumeration and Classification by MITRE

ID CAPEC Name Severity Likelihood Confid(...) Integrity Availability
1 Accessing Functionality Not Properly Constrained by ACLs High Very High High Medium Low
2 Inducing Account Lockout Medium High
3 Using Leading 'Ghost' Character Sequences to Bypass Input Filters Medium Medium Low Low High
4 Using Alternative IP Address Encodings High Medium Medium Medium High
5 Blue Boxing Very High Medium Low Medium Medium
6 Argument Injection High High Low High Low
7 Blind SQL Injection High High High High High
8 Buffer Overflow in an API Call High High High High High
9 Buffer Overflow in Local Command-Line Utilities High High High High High
10 Buffer Overflow via Environment Variables High High High High High
11 Cause Web Server Misclassification High Medium High Low Low
12 Choosing a Message/Channel Identifier on a Public/Multicast Channel High Very High Medium Low Low
13 Subverting Environment Variable Values Very High Very High Medium High Low
14 Client-side Injection-induced Buffer Overflow High Medium High High High
15 Command Delimiters High High High High High
16 Dictionary-based Password Attack High Medium High Medium Low
17 Accessing, Modifying or Executing Executable Files Very High High High Medium Low
18 Embedding Scripts in Non-Script Elements Very High High Medium Medium Low
19 Embedding Scripts within Scripts High High Medium High Low
20 Encryption Brute Forcing Low Low