Name Configuration/Environment Manipulation
Summary An attacker manipulates files or settings external to a target application which affect the behavior of that application. For example, many applications use external configuration files and libraries - modification of these entities or otherwise affecting the application's ability to use them would constitute a configuration/environment manipulation attack.
Prerequisites The target application must consult external files or configuration controls to control its execution. All but the very simplest applications meet this requirement.
Related Weaknesses
CWE ID Description
CWE-15 External Control of System or Configuration Setting
Back to Top