Skip to content

Latest commit

 

History

History
129 lines (97 loc) · 6.58 KB

attack-tree.md

File metadata and controls

129 lines (97 loc) · 6.58 KB

Attack Tree Analysis for hashicorp/consul

Objective: [Gain Unauthorized Access to Sensitive Data/Services Managed by Consul]

Attack Tree Visualization

                                     [***Attacker's Goal: Gain Unauthorized Access to Sensitive Data/Services Managed by Consul***]
                                                                    |
                                        -----------------------------------------------------------------------------------------
                                        |                                                                                       |
                      [1. Compromise Consul Agent/Server] (HR)                                         [3. Manipulate Consul KV Store]
                                        |                                                                                       |
                ---------------------------------------------------                                     ---------------------------------------------------
                |                   |                   |                                                                     |                   |
       [1.2 Network       [1.3 Abuse        [1.1 Exploit                                                              [3.1 Inject/Modify    [3.3 Delete
       Intrusion] (HR)  Misconfigured    Vulnerabilities]                                                              Malicious Data]      Critical Data]
                                  ACLs/Policies]
                |                                       |                                                                     |                   |
[***1.2.1 Weak     [1.3.1 Overly     [1.1.2 RCE via                                                           [***3.1.2 Weak ACLs***](HR) [***3.3.1 No ACLs***]
Firewall***](HR)     Permissive    crafted
[***1.2.2 Exposed   ACL Rules***]   gRPC/HTTP]
API***]
[***1.2.3 Default
Credentials***]

Attack Tree Path: [Attacker's Goal: Gain Unauthorized Access to Sensitive Data/Services Managed by Consul]

  • Description: The ultimate objective of the attacker is to gain unauthorized access to sensitive data or services managed by Consul. This could involve data exfiltration, service disruption, or lateral movement within the infrastructure.
  • Likelihood: N/A (This is the goal, not an attack step)
  • Impact: Very High
  • Effort: N/A
  • Skill Level: N/A
  • Detection Difficulty: N/A

Attack Tree Path: [1. Compromise Consul Agent/Server] (HR)

  • Description: This is a high-risk path involving direct attacks against the Consul infrastructure (agents and servers).
  • Likelihood: Medium to High (Due to the combination of sub-attacks)
  • Impact: Very High (Complete control over Consul)
  • Effort: Varies depending on the specific sub-attack
  • Skill Level: Varies depending on the specific sub-attack
  • Detection Difficulty: Varies depending on the specific sub-attack

Attack Tree Path: [1.2 Network Intrusion] (HR)

  • Description: Gaining access to the Consul agent/server through network-level attacks. This is a high-risk path due to the commonality of network misconfigurations.
  • Likelihood: Medium to High
  • Impact: Very High
  • Effort: Varies
  • Skill Level: Varies
  • Detection Difficulty: Varies

Attack Tree Path: [1.2.1 Weak Firewall] (HR)

  • Description: The firewall protecting the Consul infrastructure is misconfigured or has weak rules, allowing direct access to Consul API ports.
  • Likelihood: Medium
  • Impact: High
  • Effort: Low
  • Skill Level: Novice to Intermediate
  • Detection Difficulty: Easy to Medium

Attack Tree Path: [1.2.2 Exposed API]

  • Description: The Consul API is unintentionally exposed to the public internet or a less secure network segment.
  • Likelihood: Low to Medium
  • Impact: Very High
  • Effort: Very Low
  • Skill Level: Novice
  • Detection Difficulty: Easy

Attack Tree Path: [1.2.3 Default Credentials]

  • Description: The default credentials for the Consul agent or UI have not been changed.
  • Likelihood: Low
  • Impact: Very High
  • Effort: Very Low
  • Skill Level: Novice
  • Detection Difficulty: Easy

Attack Tree Path: [1.1 Exploit Vulnerabilities]

Attack Tree Path: [1.1.2 RCE via crafted gRPC/HTTP]

  • Description: Remote Code Execution vulnerability that allows to execute arbitrary code on Consul Agent/Server.
  • Likelihood: Low
  • Impact: Very High
  • Effort: High to Very High
  • Skill Level: Expert
  • Detection Difficulty: Hard to Very Hard

Attack Tree Path: [1.3 Abuse Misconfigured ACLs/Policies]

Attack Tree Path: [1.3.1 Overly Permissive ACL Rules]

  • Description: ACL rules grant excessive access, enabling unauthorized actions.
  • Likelihood: Medium
  • Impact: Medium to High
  • Effort: Low
  • Skill Level: Intermediate
  • Detection Difficulty: Medium to Hard

Attack Tree Path: [3. Manipulate Consul KV Store]

  • Description: Attacking the Key-Value store to inject, modify, or delete data.

Attack Tree Path: [3.1.2 Weak ACLs] (HR) (Inject/Modify)

  • Description: ACL rules protecting the KV store are too permissive, allowing unauthorized write or modification access.
  • Likelihood: Medium
  • Impact: High
  • Effort: Low
  • Skill Level: Intermediate
  • Detection Difficulty: Medium to Hard

Attack Tree Path: [3.3.1 No ACLs] (Delete)

  • Description: There are no ACLs protecting the KV store, allowing anyone to delete data.
  • Likelihood: Low
  • Impact: Very High
  • Effort: Very Low
  • Skill Level: Novice
  • Detection Difficulty: Easy