CAPEC | Related Weakness |
Leveraging Active Man in the Middle Attacks to Bypass Same Origin Policy |
CWE-300 | Channel Accessible by Non-Endpoint ('Man-in-the-Middle') |
|
Utilizing REST's Trust in the System Resource to Register Man in the Middle |
|
Man in the Middle Attack |
CWE-287 | Improper Authentication |
CWE-290 | Authentication Bypass by Spoofing |
CWE-294 | Authentication Bypass by Capture-replay |
CWE-300 | Channel Accessible by Non-Endpoint ('Man-in-the-Middle') |
CWE-593 | Authentication Bypass: OpenSSL CTX Object Modified after SSL Objects are Created |
CWE-724 | |
|