CAPEC-121
Exploit Non-Production Interfaces
Description
An adversary exploits a sample, demonstration, test, or debug interface that is unintentionally enabled on a production system, with the goal of gleaning information or leveraging functionality that would otherwise be unavailable.
Prerequisites
The target must have configured non-production interfaces and failed to secure or remove them when brought into a production environment.
Mitigations
Ensure that production systems do not contain non-production interfaces and that these interfaces are only used in development environments.
Skills Required
[High] Exploiting non-production interfaces requires significant skill and knowledge about the potential non-production interfaces left enabled in production.