Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CAPEC-102:Session Sidejacking
Attack Pattern ID:102
Version:v3.9
Attack Pattern Name:Session Sidejacking
Abstraction:Detailed
Status:Draft
Likelihood of Attack:High
Typical Severity:High
DetailsContent HistoryRelated WeaknessesReports
5Weaknesses found
CWE-294
Authentication Bypass by Capture-replay
ShareView Details
Authentication Bypass by Capture-replay
Likelihood of Exploit-High
Mapping-Allowed
Abstraction-Base
Found in177CVEs

A capture-replay flaw exists when the design of the product makes it possible for a malicious user to sniff network traffic and bypass authentication by replaying it to the server in question to the same effect as the original message (or with minor changes).

Impacts-
Gain Privileges or Assume Identity
Tags-
High exploitGain Privileges or Assume Identity (impact)
As Seen In-
CWE Cross-section
CWE-319
Cleartext Transmission of Sensitive Information
ShareView Details
Cleartext Transmission of Sensitive Information
Likelihood of Exploit-High
Mapping-Allowed
Abstraction-Base
Found in757CVEs

The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.

Impacts-
Read Application DataOtherModify Files or Directories
Tags-
Test/Debug HardwareHigh exploitCloud Computing (technology class)ICS/OT (technology class)Mobile (technology class)System on Chip (technology class)Other (impact)Modify Files or Directories (impact)Read Application Data (impact)
As Seen In-
CWE Cross-section
CWE-522
Insufficiently Protected Credentials
ShareView Details
Insufficiently Protected Credentials
Likelihood of Exploit-Not Available
Mapping-Allowed-with-Review
Abstraction-Class
Found in1192CVEs

The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

Impacts-
Gain Privileges or Assume Identity
Tags-
ICS/OT (technology class)Gain Privileges or Assume Identity (impact)
As Seen In-
2021 CWE Top 25 Most Dangerous Software2020 CWE Top 25 Most Dangerous SoftwareCWE Cross-section
CWE-523
Unprotected Transport of Credentials
ShareView Details
Unprotected Transport of Credentials
Likelihood of Exploit-Not Available
Mapping-Allowed
Abstraction-Base
Found in13CVEs

Login pages do not use adequate measures to protect the user name and password while they are in transit from the client to the server.

Impacts-
Gain Privileges or Assume Identity
Tags-
Gain Privileges or Assume Identity (impact)
As Seen In-
Not Available
CWE-614
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute
ShareView Details
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute
Likelihood of Exploit-Not Available
Mapping-Allowed
Abstraction-Variant
Found in43CVEs

The Secure attribute for sensitive cookies in HTTPS sessions is not set, which could cause the user agent to send those cookies in plaintext over an HTTP session.

Impacts-
Read Application Data
Tags-
Web Based (technology class)Read Application Data (impact)
As Seen In-
Not Available