Standardseverity: HighDraft

CAPEC-620Drop Encryption Level

Abstraction
Standard
Status
Draft
Severity
High

Description

An attacker forces the encryption level to be lowered, thus enabling a successful attack against the encrypted data. Metadata: standard CAPEC pattern, status draft, severity high. Underlying weakness: CWE-757. Mapped ATT&CK technique: [object Object]. Related CAPEC pattern: [object Object]. Metadata: standard CAPEC pattern, status draft, severity high. Underlying weakness: CWE-757. Mapped ATT&CK technique: [object Object]. Related CAPEC pattern: [object Object].

Related weaknesses· 1

CWE-757

MITRE ATT&CK crosswalk· 1

T1600: Weaken Encryption

Related attack patterns· 1

CAPEC-212 (ChildOf)

Exploits1

TypeTargetConfidenceTier
WeaknessSelection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade')cwe-757100%live

Related to1

TypeTargetConfidenceTier
TechniqueWeaken Encryptiont1600100%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CAPEC
Weakening of Cellular Encryption
CAPEC
Privilege Escalation
CAPEC
Exploiting Incorrectly Configured SSL/TLS
CAPEC
Removing Important Client Functionality
CAPEC
Encryption Brute Forcing
CAPEC
Artificially Inflate File Sizes
Sourced from MITRE CAPEC. Curated by Adam Lundqvist, SQUR.