An attacker forces the target into a previous state in order to leverage
						potential weaknesses in the target dependent upon a prior configuration or
						state-dependent factors. Even in cases where an attacker may not be able to
						directly control the configuration of the targeted application, they may be
						able to reset the configuration to a prior state since many applications
						implement reset functions. Since these functions are usually intended as
						emergency features to return an application to a stable configuration if the
						current configuration degrades functionality, they may not be as strongly
						secured as other configuration options. The resetting of values is dangerous
						as it may enable undesired functionality, disable services, or modify access
						controls. At the very least this is a nuisance attack since the
						administrator will need to re-apply their configuration. At worst, this
						attack can open avenues for powerful attacks against the application, and,
						if it isn't obvious that the configuration has been reset, these
						vulnerabilities may be present a long time before they are notices.