CAPEC Related Weakness
Session Hijacking
CWE-287 Improper Authentication
Token Impersonation
CWE-287 Improper Authentication
Upload a Web Shell to a Web Server
CWE-287 Improper Authentication
CWE-553 Command Shell in Externally Accessible Directory
Authentication Abuse
CWE-287 Improper Authentication
CWE-1244 Improper Access to Sensitive Information Using Debug and Test Interfaces
Identity Spoofing
CWE-287 Improper Authentication
Fake the Source of Data
CWE-287 Improper Authentication
Utilizing REST's Trust in the System Resource to Obtain Sensitive Data
CWE-287 Improper Authentication
CWE-300 Channel Accessible by Non-Endpoint
CWE-693 Protection Mechanism Failure
CWE-724 OWASP Top Ten 2004 Category A3 - Broken Authentication and Session Management
Exploiting Trust in Client
CWE-20 Improper Input Validation
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
CWE-287 Improper Authentication
CWE-290 Authentication Bypass by Spoofing
CWE-693 Protection Mechanism Failure
Man in the Middle Attack
CWE-287 Improper Authentication
CWE-290 Authentication Bypass by Spoofing
CWE-294 Authentication Bypass by Capture-replay
CWE-300 Channel Accessible by Non-Endpoint
CWE-593 Authentication Bypass: OpenSSL CTX Object Modified after SSL Objects are Created
CWE-724 OWASP Top Ten 2004 Category A3 - Broken Authentication and Session Management
Authentication Bypass
CWE-287 Improper Authentication