Prerequisites
The identity associated with the message or resource must be removable or modifiable in an undetectable way.
Resources Required
None: No specialized resources are required to execute this type of attack.
Mitigations
Employ robust authentication processes (e.g., multi-factor authentication).
Related Weaknesses
CWE-ID |
Weakness Name |
CWE-287 |
Improper Authentication When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct. |
Submission
Name |
Organization |
Date |
Date Release |
CAPEC Content Team |
The MITRE Corporation |
2014-06-23 +00:00 |
Modifications
Name |
Organization |
Date |
Comment |
CAPEC Content Team |
The MITRE Corporation |
2017-05-01 +00:00 |
Updated Attack_Motivation-Consequences, Attack_Prerequisites, Description Summary, Related_Weaknesses, Solutions_and_Mitigations, Typical_Likelihood_of_Exploit |
CAPEC Content Team |
The MITRE Corporation |
2017-08-04 +00:00 |
Updated Resources_Required |
CAPEC Content Team |
The MITRE Corporation |
2022-02-22 +00:00 |
Updated Description, Extended_Description |