CAPEC | Related Weakness |
DNS Blocking |
CWE-300 | Channel Accessible by Non-Endpoint |
|
Man in the Middle Attack |
CWE-287 | Improper Authentication |
CWE-290 | Authentication Bypass by Spoofing |
CWE-294 | Authentication Bypass by Capture-replay |
CWE-300 | Channel Accessible by Non-Endpoint |
CWE-593 | Authentication Bypass: OpenSSL CTX Object Modified after SSL Objects are Created |
CWE-724 | OWASP Top Ten 2004 Category A3 - Broken Authentication and Session Management |
|
Utilizing REST's Trust in the System Resource to Obtain Sensitive Data |
CWE-287 | Improper Authentication |
CWE-300 | Channel Accessible by Non-Endpoint |
CWE-693 | Protection Mechanism Failure |
CWE-724 | OWASP Top Ten 2004 Category A3 - Broken Authentication and Session Management |
|
Evil Twin Wi-Fi Attack |
CWE-300 | Channel Accessible by Non-Endpoint |
|
WiFi MAC Address Tracking |
CWE-201 | Exposure of Sensitive Information Through Sent Data |
CWE-300 | Channel Accessible by Non-Endpoint |
|
Leveraging Active Man in the Middle Attacks to Bypass Same Origin Policy |
CWE-300 | Channel Accessible by Non-Endpoint |
|
IP Address Blocking |
CWE-300 | Channel Accessible by Non-Endpoint |
|
WiFi SSID Tracking |
CWE-201 | Exposure of Sensitive Information Through Sent Data |
CWE-300 | Channel Accessible by Non-Endpoint |
|