Standardseverity: MediumDraft

CAPEC-157Sniffing Attacks

Abstraction
Standard
Status
Draft
Severity
Medium

Description

In this attack pattern, the adversary intercepts information transmitted between two third parties. The adversary must be able to observe, read, and/or hear the communication traffic, but not necessarily block the communication or change its content. Any transmission medium can theoretically be sniffed if the adversary can examine the contents between the sender and recipient. Sniffing Attacks are similar to Adversary-In-The-Middle attacks (CAPEC-94), but are entirely passive. AiTM attacks are predominantly active and often alter the content of the communications themselves.

Related weaknesses· 1

CWE-311

Related attack patterns· 2

CAPEC-117 (ChildOf)CAPEC-652 (CanPrecede)

Exploits1

TypeTargetConfidenceTier
WeaknessMissing Encryption of Sensitive Datacwe-311100%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CAPEC
Sniffing Network Traffic
CAPEC
Interception
CAPEC
Eavesdropping
CAPEC
Sniff Application Code
CAPEC
Protocol Analysis
CAPEC
Protocol Manipulation
Sourced from MITRE CAPEC. Curated by Adam Lundqvist, SQUR.