| Man in the Middle Attack |
|
CWE-287
|
Improper Authentication
|
|
CWE-290
|
Authentication Bypass by Spoofing
|
|
CWE-294
|
Authentication Bypass by Capture-replay
|
|
CWE-300
|
Channel Accessible by Non-Endpoint
|
|
CWE-593
|
Authentication Bypass: OpenSSL CTX Object Modified after SSL Objects are Created
|
|
CWE-724
|
OWASP Top Ten 2004 Category A3 - Broken Authentication and Session Management
|
|
| IP Address Blocking |
|
CWE-300
|
Channel Accessible by Non-Endpoint
|
|
| WiFi MAC Address Tracking |
|
CWE-201
|
Insertion of Sensitive Information Into Sent Data
|
|
CWE-300
|
Channel Accessible by Non-Endpoint
|
|
| Evil Twin Wi-Fi Attack |
|
CWE-300
|
Channel Accessible by Non-Endpoint
|
|
| Leveraging Active Man in the Middle Attacks to Bypass Same Origin Policy |
|
CWE-300
|
Channel Accessible by Non-Endpoint
|
|
| Utilizing REST's Trust in the System Resource to Obtain Sensitive Data |
|
CWE-287
|
Improper Authentication
|
|
CWE-300
|
Channel Accessible by Non-Endpoint
|
|
CWE-693
|
Protection Mechanism Failure
|
|
CWE-724
|
OWASP Top Ten 2004 Category A3 - Broken Authentication and Session Management
|
|
| DNS Blocking |
|
CWE-300
|
Channel Accessible by Non-Endpoint
|
|
| WiFi SSID Tracking |
|
CWE-201
|
Insertion of Sensitive Information Into Sent Data
|
|
CWE-300
|
Channel Accessible by Non-Endpoint
|
|