Detailedlikelihood: Highseverity: HighDraft

CAPEC-102Session Sidejacking

Abstraction
Detailed
Status
Draft
Likelihood
High
Severity
High

Description

Session sidejacking takes advantage of an unencrypted communication channel between a victim and target system. The attacker sniffs traffic on a network looking for session tokens in unencrypted traffic. Once a session token is captured, the attacker performs malicious actions by using the stolen token with the targeted application to impersonate the victim. This attack is a specific method of session hijacking, which is exploiting a valid session token to gain unauthorized access to a target system or information. Other methods to perform a session hijacking are session fixation, cross-site scripting, or compromising a user or server machine and stealing the session token.

Related weaknesses· 5

CWE-294CWE-522CWE-523CWE-319CWE-614

Related attack patterns· 1

CAPEC-593 (ChildOf)

Exploits5

TypeTargetConfidenceTier
WeaknessSensitive Cookie in HTTPS Session Without 'Secure' Attributecwe-614100%live
WeaknessUnprotected Transport of Credentialscwe-523100%live
WeaknessInsufficiently Protected Credentialscwe-522100%live
WeaknessCleartext Transmission of Sensitive Informationcwe-319100%live
WeaknessAuthentication Bypass by Capture-replaycwe-294100%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CAPEC
Session Hijacking
CAPEC
Session Credential Falsification through Manipulation
CAPEC
Session Credential Falsification through Forging
CAPEC
Session Fixation
CAPEC
Protocol Manipulation
CAPEC
Authentication Abuse
Sourced from MITRE CAPEC. Curated by Adam Lundqvist, SQUR.