CCC.Vector.TH04: Index Corruption or Downgrade
Threat ID:CCC.Vector.TH04
Title:Index Corruption or Downgrade
Description:
Attackers with unauthorized access or excessive permissions may tamper with or roll back index versions, potentially restoring poisoned data or breaking downstream integrations.
Related Capabilities
ID | Title | Description |
---|---|---|
CCC.Vector.F07 | Index Lifecycle Management | Enables automated or manual creation, optimization, and removal of vector indexes. |
CCC.Vector.F11 | Query Access Control | Provides the ability to restrict who can run vector similarity or metadata filter queries, separate from data modification rights. |
External Mappings
Controls
ID | Title | Objective | Control Family | Threat Mappings | Guideline Mappings | Assessment Requirements |
---|---|---|---|---|---|---|
CCC.Vector.C02 | Enforce Role-Based Index Lifecycle Management | Restrict index lifecycle operations (create, delete, rollback) to privileged identities using fine-grained access controls. | Vector Indexing | 3 | 1 | 1 |
CCC.Vector.C05 | Enforce Index Versioning with Rollback Protection | Ensure vector indexes are versioned and that rollback operations are authorized and auditable. | Vector Indexing | 3 | 1 | 1 |