Detailedlikelihood: Mediumseverity: HighStable

CAPEC-105HTTP Request Splitting

Abstraction
Detailed
Status
Stable
Likelihood
Medium
Severity
High

Description

Metadata: detailed CAPEC pattern, status stable, likelihood medium, severity high. Underlying weaknesses: CWE-74, CWE-113, CWE-138, CWE-436. Related CAPEC patterns: [object Object], [object Object], [object Object], [object Object] (and 4 more). Metadata: detailed CAPEC pattern, status stable, likelihood medium, severity high. Underlying weaknesses: CWE-74, CWE-113, CWE-138, CWE-436. Related CAPEC patterns: [object Object], [object Object], [object Object], [object Object] (and 4 more).

Related weaknesses· 4

CWE-74CWE-113CWE-138CWE-436

Related attack patterns· 8

CAPEC-220 (ChildOf)CAPEC-34 (PeerOf)CAPEC-115 (CanPrecede)CAPEC-141 (CanPrecede)CAPEC-63 (CanPrecede)CAPEC-593 (CanPrecede)CAPEC-148 (CanPrecede)CAPEC-154 (CanPrecede)

Exploits4

TypeTargetConfidenceTier
WeaknessImproper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')cwe-74100%live
WeaknessImproper Neutralization of Special Elementscwe-138100%live
WeaknessInterpretation Conflictcwe-436100%live
WeaknessImproper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting')cwe-113100%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CAPEC
HTTP Response Splitting
CAPEC
HTTP Request Smuggling
CAPEC
HTTP Response Smuggling
CAPEC
Server Side Request Forgery
CAPEC
TCP Fragmentation
CWE
DEPRECATED: HTTP response splitting
Sourced from MITRE CAPEC. Curated by Adam Lundqvist, SQUR.