
CAPEC-593: Session Hijacking

Abstraction: Standard
Status: Stable
Likelihood: High
Severity: Very High

Description

This type of attack involves an adversary that exploits weaknesses in an application's use of sessions in performing authentication. The adversary is able to steal or manipulate an active session and use it to gain unauthorized access to the application. Metadata: standard CAPEC pattern, status stable, likelihood high, severity very high. Underlying weakness: CWE-287 (Improper Authentication). Mapped ATT&CK techniques: T1185 (Browser Session Hijacking), T1550.001 (Use Alternate Authentication Material: Application Access Token), T1563 (Remote Service Session Hijacking). Related CAPEC pattern: CAPEC-21 (parent of this pattern).

Related weaknesses (1)

CWE-287

MITRE ATT&CK crosswalk (3)

T1185: Browser Session Hijacking
T1550.001: Use Alternate Authentication Material: Application Access Token
T1563: Remote Service Session Hijacking

Related attack patterns (1)

CAPEC-21 (ChildOf)

Exploits (1)

Type | Target | Confidence | Tier
Weakness | Improper Authentication (CWE-287) | 100% | live

Related to (3)

Type | Target | Confidence | Tier
Technique | Browser Session Hijacking (T1185) | 100% | live
SubTechnique | Application Access Token (T1550.001) | 100% | live
Technique | Remote Service Session Hijacking (T1563) | 100% | live

Related by meaning (6)

Nearest entities by semantic similarity across the cs-graph corpus.

CAPEC: Session Sidejacking
CAPEC: Session Credential Falsification through Prediction
CAPEC: Session Credential Falsification through Manipulation
CAPEC: Session Fixation
CAPEC: Session Credential Falsification through Forging
CAPEC: Reusing Session IDs (aka Session Replay)

Sourced from MITRE CAPEC. Curated by Adam Lundqvist, SQUR.