SFP Secondary Cluster: Channel Attack
A category in the Common Weakness Enumeration published by The MITRE Corporation.
Summary
Categories in the Common Weakness Enumeration (CWE) group entries based on some common characteristic or attribute.
This category identifies Software Fault Patterns (SFPs) within the Channel Attack cluster.
Weaknesses
A capture-replay flaw exists when the design of the product makes it possible for a malicious user to sniff network traffic and bypass authentication by replaying it t...
This attack-focused weakness is caused by incorrectly implemented authentication schemes that are subject to spoofing attacks.
The product does not adequately verify the identity of actors at both ends of a communication channel, or does not adequately ensure the integrity of the channel, in a...
The product opens an alternate channel to communicate with an authorized user, but the channel is accessible to other actors.
Simple authentication protocols are subject to reflection attacks if a malicious user can use the target machine to impersonate a trusted user.
The product receives a request, message, or directive from an upstream component, but the product does not sufficiently preserve the original source of the request bef...
The product protects a primary channel, but it does not use the same level of protection for an alternate channel.
The product uses a primary channel for administration or restricted functionality, but it does not properly protect the channel.
Concepts
CWE identifiers in this view are associated with clusters of Software Fault Patterns (SFPs).
Common Weakness Enumeration content on this website is copyright of The MITRE Corporation unless otherwise specified. Use of the Common Weakness Enumeration and the associated references on this website are subject to the Terms of Use as specified by The MITRE Corporation.