CAPEC-273: HTTP Response Smuggling

Abstraction: Detailed
Status: Stable
Likelihood: Medium
Severity: High

Description

Metadata: detailed CAPEC pattern, status stable, likelihood medium, severity high. Underlying weaknesses: CWE-74, CWE-436, CWE-444. Related CAPEC patterns: CAPEC-220, CAPEC-33, CAPEC-115, CAPEC-141, CAPEC-63, CAPEC-593, CAPEC-148, CAPEC-154.

Related weaknesses · 3

CWE-74, CWE-436, CWE-444

Related attack patterns · 8

CAPEC-220 (ChildOf), CAPEC-33 (PeerOf), CAPEC-115 (CanPrecede), CAPEC-141 (CanPrecede), CAPEC-63 (CanPrecede), CAPEC-593 (CanPrecede), CAPEC-148 (CanPrecede), CAPEC-154 (CanPrecede)

Exploits · 3

| Type | Target | Confidence | Tier |
| --- | --- | --- | --- |
| Weakness | Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') (cwe-74) | 100% | live |
| Weakness | Interpretation Conflict (cwe-436) | 100% | live |
| Weakness | Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') (cwe-444) | 100% | live |

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

CAPEC: HTTP Request Smuggling
CAPEC: HTTP Response Splitting
CAPEC: Server Side Request Forgery
CAPEC: HTTP Request Splitting
CAPEC: URL Encoding
CAPEC: Navigation Remapping To Propagate Malicious Content

Sourced from MITRE CAPEC. Curated by Adam Lundqvist, SQUR.