Metalikelihood: Highseverity: Very HighStable

CAPEC-94Adversary in the Middle (AiTM)

Abstraction
Meta
Status
Stable
Likelihood
High
Severity
Very High

Description

Metadata: meta CAPEC pattern, status stable, likelihood high, severity very high. Underlying weaknesses: CWE-300, CWE-290, CWE-593, CWE-287, CWE-294. Mapped ATT&CK technique: [object Object]. Related CAPEC patterns: [object Object], [object Object]. Metadata: meta CAPEC pattern, status stable, likelihood high, severity very high. Underlying weaknesses: CWE-300, CWE-290, CWE-593, CWE-287, CWE-294. Mapped ATT&CK technique: [object Object]. Related CAPEC patterns: [object Object], [object Object].

Related weaknesses· 5

CWE-300CWE-290CWE-593CWE-287CWE-294

MITRE ATT&CK crosswalk· 1

T1557: Adversary-in-the-Middle

Related attack patterns· 2

CAPEC-151 (CanPrecede)CAPEC-668 (CanPrecede)

Exploits5

TypeTargetConfidenceTier
WeaknessChannel Accessible by Non-Endpointcwe-300100%live
WeaknessAuthentication Bypass by Capture-replaycwe-294100%live
WeaknessImproper Authenticationcwe-287100%live
WeaknessAuthentication Bypass by Spoofingcwe-290100%live
WeaknessAuthentication Bypass: OpenSSL CTX Object Modified after SSL Objects are Createdcwe-593100%live

Related to1

TypeTargetConfidenceTier
TechniqueAdversary-in-the-Middlet1557100%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CAPEC
Adversary in the Browser (AiTB)
CAPEC
Browser in the Middle (BiTM)
CAPEC
Application API Message Manipulation via Man-in-the-Middle
CAPEC
Evil Twin Wi-Fi Attack
CAPEC
Exploitation of Trusted Identifiers
Technique
Adversary-in-the-Middle
Sourced from MITRE CAPEC. Curated by Adam Lundqvist, SQUR.