Guest User Abuse
Type: technique
Description: The adversary could exploit misconfigurations related to guest user permissions in order to interact with the AI system. The platforms on which these AI systems reside typically aim to provide guest accounts with restricted access for specific tasks. However, if guest access is misconfigured, it could unintentionally grant more extensive permissions than originally intended - including privileges for AI systems interaction.
Version: 0.1.0
Created At: 2024-10-11 16:54:32 +0300
Last Modified At: 2024-10-11 16:54:32 +0300
External References
Related Objects
- --> Initial Access (tactic): An adversary could leverage a guest user account as a foothold into the target environment.