PublishedTo

This relationship means the certificate template can be used when submitting an enrollment request to the specified certification authority.

Abuse Info

An attacker may perform several attacks that rely on a template being published to a certification authority. This relationship alone is not enough to escalate rights or impersonate other principals. This relationship may contribute to other relationships and attributes, from which an escalation opportunity may emerge.

Opsec Considerations

When an attacker abuses an escalation or impersonation primitive that relies on a template being published to a certification authority, a copy of the issued certificate will be saved on the host that issued the certificate.

Edge Schema

Source: CertTemplate
Destination: EnterpriseCA
Traversable: No

References

This edge is related to the following MITRE ATT&CK tactic and techniques:

https://attack.mitre.org/techniques/T1649/

Abuse and Opsec references

https://specterops.io/wp-content/uploads/sites/3/2022/06/Certified_Pre-Owned.pdf

Get Started with BloodHound

Install a Data Collector

Collect Data

OpenGraph

Analyze Attack Path Data

Manage BloodHound

API & Integrations

Resources

Abuse Info

Opsec Considerations

Edge Schema

References

Abuse and Opsec references

Get Started with BloodHound

Install a Data Collector

Collect Data

OpenGraph

Analyze Attack Path Data

Manage BloodHound

API & Integrations

Resources

​Abuse Info

​Opsec Considerations

​Edge Schema

​References

​Abuse and Opsec references

Abuse Info

Opsec Considerations

Edge Schema

References

Abuse and Opsec references