The attacker interacts with the target host and finds that session IDs are used to authenticate users.
The attacker steals a session ID from a valid user.
The attacker tries to use the stolen session ID to gain access to the system with the privileges of the session ID's original owner.

Weakness Name | Description |
---|---|
Authentication Bypass by Capture-replay | A capture-replay flaw exists when the design of the product makes it possible for a malicious user to sniff network traffic and bypass authentication by replaying it to the server in question to the same effect as the original message (or with minor changes). |
Authentication Bypass by Spoofing | This attack-focused weakness is caused by incorrectly implemented authentication schemes that are subject to spoofing attacks. |
Origin Validation Error | The product does not properly verify that the source of data or communication is valid. |
Session Fixation | Authenticating a user, or otherwise establishing a new user session, without invalidating any existing session identifier gives an attacker the opportunity to steal authenticated sessions. |
Exposure of Data Element to Wrong Session | The product does not sufficiently enforce boundaries between the states of different sessions, causing data to be provided to, or used by, the wrong session. |
Use of Persistent Cookies Containing Sensitive Information | The web application uses persistent cookies, but the cookies contain sensitive information. |
Exposure of Sensitive Information to an Unauthorized Actor | The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information. |
Improper Authorization | The product does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action. |
Improper Control of a Resource Through its Lifetime | The product does not maintain or incorrectly maintains control over a resource throughout its lifetime of creation, use, and release. |
Incorrect Permission Assignment for Critical Resource | The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors. |
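
The Session Fixation weakness listed above, as an added example that is not part of the CAPEC entry: a login that keeps the pre-login session ID next to one that invalidates it and issues a fresh ID. `SessionStore`, its method names and the user name `alice` are hypothetical and constructed for illustration.

```python
import secrets


class SessionStore:
    """In-memory server-side session table (hypothetical, illustration only)."""

    def __init__(self):
        self._sessions = {}  # session ID -> authenticated user, or None

    def new_session(self):
        # Anonymous session handed out before authentication.
        sid = secrets.token_urlsafe(32)
        self._sessions[sid] = None
        return sid

    def user_for(self, sid):
        # None means the ID is unknown, invalidated, or not yet authenticated.
        return self._sessions.get(sid)

    def login_vulnerable(self, sid, user):
        # Session Fixation: the existing ID is kept and simply upgraded, so
        # anyone who knew it before login now holds an authenticated session.
        self._sessions[sid] = user
        return sid

    def login_hardened(self, sid, user):
        # Invalidate the pre-login ID and bind the user to a fresh one.
        self._sessions.pop(sid, None)
        new_sid = secrets.token_urlsafe(32)
        self._sessions[new_sid] = user
        return new_sid

    def logout(self, sid):
        # Server-side invalidation: the ID is useless after logout.
        self._sessions.pop(sid, None)


def pre_login_id_after_login(hardened):
    """Return (user seen via the pre-login ID, user seen via the post-login ID)."""
    store = SessionStore()
    pre_sid = store.new_session()
    login = store.login_hardened if hardened else store.login_vulnerable
    post_sid = login(pre_sid, "alice")  # constructed user name
    return store.user_for(pre_sid), store.user_for(post_sid)


if __name__ == "__main__":
    print("vulnerable:", pre_login_id_after_login(hardened=False))
    print("hardened:  ", pre_login_id_after_login(hardened=True))
```
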

Name | Organization | Date | Date Release |
---|---|---|---|
CAPEC Content Team | The MITRE Corporation | | |

Name | Organization | Date | Comment |
---|---|---|---|
CAPEC Content Team | The MITRE Corporation | | Updated Related_Attack_Patterns |
CAPEC Content Team | The MITRE Corporation | | Updated Skills_Required, Taxonomy_Mappings |
CAPEC Content Team | The MITRE Corporation | | Updated Mitigations, Taxonomy_Mappings |
CAPEC Content Team | The MITRE Corporation | | Updated Taxonomy_Mappings |