Name Use of Known Domain Credentials
Summary An adversary uses stolen credentials (e.g., userid and password) to access systems managed under the same credential framework on a local network. Often, users are allowed to login to connected machines using the same password. Discovery of the password on one machine allows for lateral movement to those machines.
Prerequisites
Solutions
Related Weaknesses
CWE ID Description
CWE-522 Insufficiently Protected Credentials
Back to Top