CAPEC-594

Traffic Injection
Stable
2017-01-03
00h00 +00:00
2021-06-24
00h00 +00:00
CAPEC Mitre.org
Alerte pour un CAPEC
Restez informé de toutes modifications pour un CAPEC spécifique.
Gestion des notifications

Descriptions du CAPEC

An adversary injects traffic into the target's network connection. The adversary is therefore able to degrade or disrupt the connection, and potentially modify the content. This is not a flooding attack, as the adversary is not focusing on exhausting resources. Instead, the adversary is crafting a specific input to affect the system in a particular way.

Informations du CAPEC

Conditions préalables

The target application must leverage an open communications channel.
The channel on which the target communicates must be vulnerable to interception (e.g., adversary in the middle attack - CAPEC-94).

Ressources nécessaires

A tool, such as a MITM Proxy, that is capable of generating and injecting custom inputs to be used in the attack.

Faiblesses connexes

CWE-ID Nom de la faiblesse

CWE-940

 Improper Verification of Source of a Communication Channel
The product establishes a communication channel to handle an incoming request that has been initiated by an actor, but it does not properly verify that the request is coming from the expected origin.

Soumission

Nom Organisation Date Date de publication
Seamus Tuohy 2017-01-03 +00:00

Modifications

Nom Organisation Date Commentaire
CAPEC Content Team The MITRE Corporation 2017-05-01 +00:00 Updated Attack_Motivation-Consequences, Attack_Prerequisites, Description Summary, Resources_Required
CAPEC Content Team The MITRE Corporation 2019-04-04 +00:00 Updated Related_Weaknesses
CAPEC Content Team The MITRE Corporation 2021-06-24 +00:00 Updated Prerequisites