Weakness ID: 924 Abstraction: Class
The software establishes a communication channel with an endpoint and receives a message from that endpoint, but it does not sufficiently ensure that the message was not modified during transmission.
A man-in-the-middle (MITM) attacker might be able to modify the message and spoof the endpoint.
Time of Introduction
Technical Impact: Gain privileges / assume
If an attackers can spoof the endpoint, the attacker gains all the
privileges that were intended for the original endpoint.
This entry will be made more comprehensive in later CWE versions.
|2013-06-23||MITRE||Internal CWE Team|
More information is available — Please select a different filter.