Detailedseverity: MediumStable

CAPEC-633Token Impersonation

Abstraction
Detailed
Status
Stable
Severity
Medium

Description

An adversary exploits a weakness in authentication to create an access token (or equivalent) that impersonates a different entity, and then associates a process/thread to that that impersonated token. This action causes a downstream user to make a decision or take action that is based on the assumed identity, and not the response that blocks the adversary.

Related weaknesses· 2

CWE-287CWE-1270

MITRE ATT&CK crosswalk· 1

T1134: Access Token Manipulation

Related attack patterns· 1

CAPEC-194 (ChildOf)

Exploits2

TypeTargetConfidenceTier
WeaknessGeneration of Incorrect Security Tokenscwe-1270100%live
WeaknessImproper Authenticationcwe-287100%live

Related to1

TypeTargetConfidenceTier
TechniqueAccess Token Manipulationt1134100%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CAPEC
Identity Spoofing
CAPEC
Authentication Abuse
CAPEC
Session Credential Falsification through Forging
CAPEC
Session Credential Falsification through Manipulation
CAPEC
Task Impersonation
CAPEC
Session Sidejacking
Sourced from MITRE CAPEC. Curated by Adam Lundqvist, SQUR.