216.73.216.233

T1602: Data from Configuration Repository

View on MITRE ATT&CK The MITRE Corporation · Published 20/10/2020 01:46 · Modified 27/03/2026 01:08

Essential information

MITRE technique ID
T1602
Confidence
100/100
Revoked
No
Published
20/10/2020 01:46
Modified
27/03/2026 01:08
Author / Source
The MITRE Corporation

Aliases

T1602

Platforms

Network Devices

Description

Adversaries may collect data related to managed devices from configuration repositories. Configuration repositories are used by management systems in order to configure, manage, and control data on remote systems. Configuration repositories may also facilitate remote access and administration of devices. Adversaries may target these repositories in order to collect large quantities of sensitive system administration data. Data from configuration repositories may be exposed by various protocols and software and can store a wide variety of data, much of which may align with adversary Discovery objectives.(Citation: US-CERT-TA18-106A)(Citation: US-CERT TA17-156A SNMP Abuse 2017)

Kill chain phases

Kill chainPhase
mitre-attack collection

Marking (TLP)

TLP:CLEAR Copyright 2015-2025, The MITRE Corporation. MITRE ATT&CK and ATT&CK are registered trademarks of The MITRE Corporation.

External references

Related entities

Intrusion sets, malware, reports, vulnerabilities, indicators and other entities linked to this technique.