CAPEC Details
Name: Exploiting Incorrectly Configured SSL
Likelihood of attack: Low
Typical severity: Low
Summary: An adversary takes advantage of incorrectly configured SSL communications that enable access to data intended to be encrypted. The adversary may also use this type of attack to inject commands or other traffic into the encrypted stream to cause compromise of either the client or server.
Prerequisites: Access to the client/server stream.
Execution Flow
Step 1 (Explore): Determine the configuration levels of either the server or client being targeted, preferably both. This is not a hard requirement, as the attacker can simply assume commonly exploitable configuration settings and blindly attempt them.
Step 2 (Experiment): Provide controlled access to the server by the client, either by providing a link for the client to click on, or by positioning oneself at a place on the network to intercept and control the flow of data between client and server, e.g. MITM (man in the middle).
Step 3 (Exploit): Insert the malicious data into the stream that takes advantage of the configuration flaw.
Solutions: Configuration choices, such as stream ciphers vs. block ciphers and setting timeouts on SSL sessions to extremely low values, lessen the potential impact. Use of later versions of TLS (e.g. TLS 1.1+) can also be effective, but not all clients or servers support the later versions.
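An added example, not part of the CAPEC entry: a small audit that checks a server TLS configuration against the three settings named under Solutions (protocol version, cipher type, session timeout). It assumes nginx directive syntax with explicit cipher-suite lists; the sample configs are constructed, and the 300-second cut-off and the CBC name heuristic are assumptions.

```python
import re

# Constructed nginx-style TLS settings; values are illustrative only.
WEAK_CONF = """
ssl_protocols SSLv3 TLSv1 TLSv1.2;
ssl_ciphers AES128-SHA:ECDHE-RSA-AES128-GCM-SHA256;
ssl_session_timeout 1d;
"""
HARDENED_CONF = """
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-CHACHA20-POLY1305;
ssl_session_timeout 5m;  # session lifetime kept short
"""

BELOW_TLS11 = {"SSLv2", "SSLv3", "TLSv1"}   # the entry recommends TLS 1.1+
MAX_TIMEOUT_S = 300                          # assumed cut-off for a "low" timeout
UNITS = {"": 1, "s": 1, "m": 60, "h": 3600, "d": 86400}
BLOCK = re.compile(r"AES|CAMELLIA|DES|SEED|ARIA")  # block ciphers in suite names
AEAD = re.compile(r"GCM|CCM|CHACHA20")             # AEAD suites, i.e. not CBC

def directives(conf):
    """Return {directive: arguments}, dropping comments and the trailing ';'."""
    out = {}
    for line in conf.splitlines():
        line = line.split("#", 1)[0].strip().rstrip(";").strip()
        if line:
            name, _, args = line.partition(" ")
            out[name] = args.strip()
    return out

def to_seconds(value):
    """Convert a time value such as '90', '5m' or '1d' to seconds."""
    m = re.fullmatch(r"(\d+)([smhd]?)", value)
    if m is None:
        raise ValueError(f"unsupported time value: {value!r}")
    return int(m.group(1)) * UNITS[m.group(2)]

def audit(conf):
    """Return a list of (directive, problem) findings for one config."""
    d, findings = directives(conf), []
    for key in ("ssl_protocols", "ssl_ciphers", "ssl_session_timeout"):
        if key not in d:
            findings.append((key, "not set explicitly"))
    old = sorted(BELOW_TLS11 & set(d.get("ssl_protocols", "").split()))
    if old:
        findings.append(("ssl_protocols", "below TLS 1.1: " + " ".join(old)))
    cbc = [c for c in d.get("ssl_ciphers", "").split(":")
           if BLOCK.search(c) and not AEAD.search(c) and not c.startswith("!")]
    if cbc:
        findings.append(("ssl_ciphers", "CBC-mode block suites: " + " ".join(cbc)))
    if "ssl_session_timeout" in d and to_seconds(d["ssl_session_timeout"]) > MAX_TIMEOUT_S:
        findings.append(("ssl_session_timeout", "long-lived: " + d["ssl_session_timeout"]))
    return findings
```
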
Related Weaknesses
CWE-201: Insertion of Sensitive Information Into Sent Data
Related CAPECs
CAPEC-216: An adversary manipulates a setting or parameter on a communications channel in order to compromise its security. This can result in information exposure, insertion/removal of information from the communications stream, and/or potentially system compromise.