CCC.Core.F07: Event Publication
Capability ID:CCC.Core.F07
Title:Event Publication
Description:The service automatically publishes a structured state-change record
upon creation, deletion, or modification of data, configuration,
components, or child resources.
Mapped Threats
| ID | Title | Description | External Mappings | Capability Mappings | Control Mappings |
|---|---|---|---|---|---|
| CCC.Core.TH10 | State-change Events are Read by Unauthorized Entities | Unauthorized access to state-change events can reveal information about the system's design and usage patterns. This opens the system up to attacks of opportunity and support the planning of attacks on the service, system, or network. | 1 | 1 | 0 |
| CCC.Core.TH11 | Publications are Incorrectly Triggered | Incorrectly triggered publications may disseminate inaccurate or misleading information, creating a data integrity risk. Such misinformation can cause unintended operations to be initiated, conceal legitimate issues, and disrupt the availability or reliability of systems and their data. | 1 | 1 | 0 |