Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CAPEC-466:Leveraging Active Adversary in the Middle Attacks to Bypass Same Origin Policy
Attack Pattern ID:466
Version:v3.9
Attack Pattern Name:Leveraging Active Adversary in the Middle Attacks to Bypass Same Origin Policy
Abstraction:Standard
Status:Draft
Likelihood of Attack:
Typical Severity:Medium
DetailsContent HistoryRelated WeaknessesReports
1Weaknesses found
CWE-300
Channel Accessible by Non-Endpoint
ShareView Details
Channel Accessible by Non-Endpoint
Likelihood of Exploit-Not Available
Mapping-Discouraged
Abstraction-Class
Found in52CVEs

The product does not adequately verify the identity of actors at both ends of a communication channel, or does not adequately ensure the integrity of the channel, in a way that allows the channel to be accessed or influenced by an actor that is not an endpoint.

Impacts-
Read Application DataGain Privileges or Assume IdentityModify Application Data
Tags-
Modify Application Data (impact)Read Application Data (impact)Gain Privileges or Assume Identity (impact)
As Seen In-
CWE Cross-section