|
|
|
Weaknesses in this attack-focused category are caused by improperly implemented
authentication schemes that are subject to spoofing attacks.
Resultant vuln from insufficient verification.
1000
Weakness
ChildOf
592
Authentication bypass by spoofing
21
22
94
60
59
(CWE-290)
|
CWE-290 Individual Dictionary Definition (Draft 9)
Weakness ID
| Status: Incomplete 290 (Weakness Base) | | Description | Summary Weaknesses in this attack-focused category are caused by improperly implemented
authentication schemes that are subject to spoofing attacks. | | Context Notes | Resultant vuln from insufficient verification. | | Relationships | | | Source Taxonomies | PLOVER - Authentication bypass by spoofing | | Related Attack Patterns | | CAPEC-ID | Attack Pattern Name |
|---|
| 21 | Exploitation of Session Variables, Resource IDs and other Trusted Credentials | | 22 | Exploiting Trust in Client (aka Make the Client Invisible) | | 94 | Man in the Middle Attack | | 60 | Reusing Session IDs (aka Session Replay) | | 59 | Session Credential Falsification through Prediction |
|
|