High-risk tools in Clevertap
4 of the 31 tools in Clevertap are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
clevertap_send_test_pushExecuteSend a test push notification to a specific device token via the CleverTap dashboard.
-
clevertap_stop_campaignExecuteStop an active running campaign by its numeric ID.
-
clevertap_web_loginExecuteOpen a Chromium browser window and navigate to the CleverTap dashboard login page. After you complete login (supports SSO and 2FA), the session cookie and CSRF token are capture...
-
clevertap_web_requestExecuteMake an authenticated HTTP request to the CleverTap dashboard (web) API using the session cookie and CSRF token captured by clevertap_web_login. Use this for endpoints not avail...
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.