Standardseverity: MediumDraft

CAPEC-465Transparent Proxy Abuse

Abstraction
Standard
Status
Draft
Severity
Medium

Description

A transparent proxy serves as an intermediate between the client and the internet at large. It intercepts all requests originating from the client and forwards them to the correct location. The proxy also intercepts all responses to the client and forwards these to the client. All of this is done in a manner transparent to the client.

Related weaknesses· 1

CWE-441

MITRE ATT&CK crosswalk· 1

T1090.001: Proxy: Internal Proxy

Related attack patterns· 1

CAPEC-554 (ChildOf)

Exploits1

TypeTargetConfidenceTier
WeaknessUnintended Proxy or Intermediary ('Confused Deputy')cwe-441100%live

Related to1

TypeTargetConfidenceTier
SubTechniqueInternal Proxyt1090.001100%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CAPEC
Client-Server Protocol Manipulation
Technique
Proxy
CAPEC
Exploiting Trust in Client
CAPEC
Protocol Manipulation
CAPEC
Traffic Injection
CAPEC
Content Spoofing Via Application API Manipulation
Sourced from MITRE CAPEC. Curated by Adam Lundqvist, SQUR.