| Nature | Type | ID | Name |
|---|---|---|---|
| ChildOf | S | 593 | Session Hijacking |
The attacker interacts with the target host and finds that session IDs are used to authenticate users.
The attacker interacts with the target host and finds that session IDs are used to authenticate users.
| Technique |
|---|
The attacker steals a session ID from a valid user.
The attacker steals a session ID from a valid user.
| Technique |
|---|
The attacker tries to use the stolen session ID to gain access to the system with the privileges of the session ID's original owner.
The attacker tries to use the stolen session ID to gain access to the system with the privileges of the session ID's original owner.
| Technique |
|---|
If an attacker can steal a valid session ID, they can then try to be authenticated with that stolen session ID.
More sophisticated attack can be used to hijack a valid session from a user and spoof a legitimate user by reusing their valid session ID.
| Scope | Likelihood | Impact | Note |
|---|---|---|---|
| ConfidentialityAccess ControlAuthorization | N/A | Gain Privileges | N/A |
| ID | Name |
|---|---|
| CWE-200 | Exposure of Sensitive Information to an Unauthorized Actor |
| CWE-285 | Improper Authorization |
| CWE-290 | Authentication Bypass by Spoofing |
| CWE-294 | Authentication Bypass by Capture-replay |
| CWE-346 | Origin Validation Error |
| CWE-384 | Session Fixation |
| CWE-488 | Exposure of Data Element to Wrong Session |
| CWE-539 | Use of Persistent Cookies Containing Sensitive Information |
| CWE-664 | Improper Control of a Resource Through its Lifetime |
| CWE-732 | Incorrect Permission Assignment for Critical Resource |
| Taxonomy Name | Entry ID | Entry Name |
|---|---|---|
| ATTACK | 1134.001 | Access Token Manipulation:Token Impersonation/Theft |
| ATTACK | 1550.004 | Use Alternate Authentication Material:Web Session Cookie |