CAPEC-31: Accessing/Intercepting/Modifying HTTP Cookies

Abstraction: Detailed
Status: Draft
Likelihood: High
Severity: High

Description

This attack relies on the use of HTTP Cookies to store credentials, state information and other critical data on client systems. There are several different forms of this attack. The first form of this attack involves accessing HTTP Cookies to mine for potentially sensitive data contained therein. The second form involves intercepting this data as it is transmitted from client to server. This intercepted information is then used by the adversary to impersonate the remote user/session. The third form is when the cookie's content is modified by the adversary before it is sent back to the server. Here the adversary seeks to convince the target server to operate on this falsified information.

Related weaknesses · 11

CWE-565, CWE-302, CWE-311, CWE-113, CWE-539, CWE-20, CWE-315, CWE-384, CWE-472, CWE-602, CWE-642

MITRE ATT&CK crosswalk · 1

T1539: Steal Web Session Cookie

Related attack patterns · 2

CAPEC-39 (ChildOf), CAPEC-157 (ChildOf)

Exploits · 11

| Type | Target | ID | Confidence | Tier |
|---|---|---|---|---|
| Weakness | Client-Side Enforcement of Server-Side Security | cwe-602 | 100% | live |
| Weakness | External Control of Assumed-Immutable Web Parameter | cwe-472 | 100% | live |
| Weakness | External Control of Critical State Data | cwe-642 | 100% | live |
| Weakness | Use of Persistent Cookies Containing Sensitive Information | cwe-539 | 100% | live |
| Weakness | Cleartext Storage of Sensitive Information in a Cookie | cwe-315 | 100% | live |
| Weakness | Missing Encryption of Sensitive Data | cwe-311 | 100% | live |
| Weakness | Improper Input Validation | cwe-20 | 100% | live |
| Weakness | Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting') | cwe-113 | 100% | live |
| Weakness | Reliance on Cookies without Validation and Integrity Checking | cwe-565 | 100% | live |
| Weakness | Authentication Bypass by Assumed-Immutable Data | cwe-302 | 100% | live |
| Weakness | Session Fixation | cwe-384 | 100% | live |

Related to · 1

| Type | Target | ID | Confidence | Tier |
|---|---|---|---|---|
| Technique | Steal Web Session Cookie | t1539 | 100% | live |

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

CAPEC: Manipulating Opaque Client-based Data Tokens
CAPEC: Session Credential Falsification through Manipulation
CAPEC: Cross Site Request Forgery
CAPEC: Cross Site Tracing
CAPEC: Client-Server Protocol Manipulation
CAPEC: Application API Message Manipulation via Man-in-the-Middle

Sourced from MITRE CAPEC. Curated by Adam Lundqvist, SQUR.