Detailed | Severity: Medium | Draft

CAPEC-158: Sniffing Network Traffic

Abstraction: Detailed
Status: Draft
Severity: Medium

Description

In this attack pattern, the adversary monitors network traffic between nodes of a public or multicast network in an attempt to capture sensitive information at the protocol level. Network sniffing applications can reveal TCP/IP, DNS, Ethernet, and other low-level network communication information. The adversary takes a passive role in this attack pattern and simply observes and analyzes the traffic. The adversary may precipitate or indirectly influence the content of the observed transaction, but is never the intended recipient of the target information.

Related weaknesses · 1

CWE-311

MITRE ATT&CK crosswalk · 2

T1040: Network Sniffing
T1111: Multi-Factor Authentication Interception

Related attack patterns · 1

CAPEC-157 (ChildOf)

Exploits · 1

| Type | Target | Confidence | Tier |
|---|---|---|---|
| Weakness | Missing Encryption of Sensitive Data (cwe-311) | 100% | live |

Related to · 2

| Type | Target | Confidence | Tier |
|---|---|---|---|
| Technique | Multi-Factor Authentication Interception (t1111) | 100% | live |
| Technique | Network Sniffing (t1040) | 100% | live |

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

CAPEC: Sniffing Attacks
CAPEC: Interception
CAPEC: Protocol Analysis
CAPEC: Eavesdropping
CAPEC: Sniff Application Code
Technique: Network Sniffing

Sourced from MITRE CAPEC. Curated by Adam Lundqvist, SQUR.