CWE-319
AllowedCleartext Transmission of Sensitive Information
Abstraction: Base · Status: Draft
The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.
1147 vulnerabilities reference this CWE, most recent first.
GHSA-RFJ2-4G26-7JW5
Vulnerability from github – Published: 2022-05-24 16:45 – Updated: 2022-11-04 22:37All Xtext & Xtend versions prior to 2.18.0 were built using HTTP instead of HTTPS file transfer and thus the built artifacts may have been compromised.
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "org.eclipse.xtext:org.eclipse.xtext"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.18.0"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.eclipse.xtend:org.eclipse.xtend.core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.18.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2019-10249"
],
"database_specific": {
"cwe_ids": [
"CWE-319"
],
"github_reviewed": true,
"github_reviewed_at": "2022-11-04T22:37:04Z",
"nvd_published_at": "2019-05-06T16:29:00Z",
"severity": "HIGH"
},
"details": "All Xtext \u0026 Xtend versions prior to 2.18.0 were built using HTTP instead of HTTPS file transfer and thus the built artifacts may have been compromised.",
"id": "GHSA-rfj2-4g26-7jw5",
"modified": "2022-11-04T22:37:04Z",
"published": "2022-05-24T16:45:13Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10249"
},
{
"type": "WEB",
"url": "https://github.com/eclipse/xtext-xtend/issues/759"
},
{
"type": "WEB",
"url": "https://github.com/eclipse/xtext-xtend/commit/169de2cecc50ed9bf81c3cdc496ad8a799bdf17b"
},
{
"type": "WEB",
"url": "https://bugs.eclipse.org/bugs/show_bug.cgi?id=546996"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Potentially compromised builds "
}
GHSA-RG8C-F654-9RHG
Vulnerability from github – Published: 2022-05-27 00:00 – Updated: 2022-06-10 00:00This advisory documents the impact of an internally found vulnerability in Arista EOS state streaming telemetry agent TerminAttr and OpenConfig transport protocols. The impact of this vulnerability is that, in certain conditions, TerminAttr might leak IPsec sensitive data in clear text in CVP to other authorized users, which could cause IPsec traffic to be decrypted or modified by other authorized users on the device.
{
"affected": [],
"aliases": [
"CVE-2021-28508"
],
"database_specific": {
"cwe_ids": [
"CWE-319"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-05-26T20:15:00Z",
"severity": "MODERATE"
},
"details": "This advisory documents the impact of an internally found vulnerability in Arista EOS state streaming telemetry agent TerminAttr and OpenConfig transport protocols. The impact of this vulnerability is that, in certain conditions, TerminAttr might leak IPsec sensitive data in clear text in CVP to other authorized users, which could cause IPsec traffic to be decrypted or modified by other authorized users on the device.",
"id": "GHSA-rg8c-f654-9rhg",
"modified": "2022-06-10T00:00:51Z",
"published": "2022-05-27T00:00:32Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-28508"
},
{
"type": "WEB",
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/15484-security-advisory-0077"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-RGCQ-FF8P-H25Q
Vulnerability from github – Published: 2023-07-13 18:30 – Updated: 2024-03-21 03:35An issue was discovered in YSoft SAFEQ 6 Server before 6.0.82. When modifying the URL of the LDAP server configuration from LDAPS to LDAP, the system does not require the password to be (re)entered. This results in exposing cleartext credentials when connecting to a rogue LDAP server.
{
"affected": [],
"aliases": [
"CVE-2023-35833"
],
"database_specific": {
"cwe_ids": [
"CWE-319"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-07-13T17:15:09Z",
"severity": "MODERATE"
},
"details": "An issue was discovered in YSoft SAFEQ 6 Server before 6.0.82. When modifying the URL of the LDAP server configuration from LDAPS to LDAP, the system does not require the password to be (re)entered. This results in exposing cleartext credentials when connecting to a rogue LDAP server.",
"id": "GHSA-rgcq-ff8p-h25q",
"modified": "2024-03-21T03:35:30Z",
"published": "2023-07-13T18:30:35Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-35833"
},
{
"type": "WEB",
"url": "https://www.ysoft.com/en/legal/ldaps-encryption-downgrade-attack-vulnerability"
},
{
"type": "WEB",
"url": "https://ysoft.com"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-RGGJ-VGC7-HJ7V
Vulnerability from github – Published: 2022-05-24 19:19 – Updated: 2022-05-24 19:19IBM Business Automation Workflow 18. 19, 20, 21, and IBM Business Process Manager 8.5 and d8.6 transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.
{
"affected": [],
"aliases": [
"CVE-2021-29753"
],
"database_specific": {
"cwe_ids": [
"CWE-319"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-11-05T18:15:00Z",
"severity": "MODERATE"
},
"details": "IBM Business Automation Workflow 18. 19, 20, 21, and IBM Business Process Manager 8.5 and d8.6 transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.",
"id": "GHSA-rggj-vgc7-hj7v",
"modified": "2022-05-24T19:19:48Z",
"published": "2022-05-24T19:19:48Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-29753"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/201919"
},
{
"type": "WEB",
"url": "https://www.ibm.com/support/pages/node/6513703"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-RH6R-X58G-RPRW
Vulnerability from github – Published: 2022-05-13 01:52 – Updated: 2022-05-13 01:52An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. The issue involves the "Mail" component. It allows remote attackers to read the cleartext content of S/MIME encrypted messages via direct exfiltration.
{
"affected": [],
"aliases": [
"CVE-2018-4227"
],
"database_specific": {
"cwe_ids": [
"CWE-319"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-06-08T18:29:00Z",
"severity": "HIGH"
},
"details": "An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. The issue involves the \"Mail\" component. It allows remote attackers to read the cleartext content of S/MIME encrypted messages via direct exfiltration.",
"id": "GHSA-rh6r-x58g-rprw",
"modified": "2022-05-13T01:52:41Z",
"published": "2022-05-13T01:52:41Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-4227"
},
{
"type": "WEB",
"url": "https://efail.de/#cve"
},
{
"type": "WEB",
"url": "https://support.apple.com/HT208848"
},
{
"type": "WEB",
"url": "https://support.apple.com/HT208849"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/104897"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1041027"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-RJR7-MRW5-5M4X
Vulnerability from github – Published: 2025-03-27 09:30 – Updated: 2025-03-27 09:30A protocol flaw vulnerability exists in the Xiaomi Mi Connect Service APP. The vulnerability is caused by the validation logic is flawed and can be exploited by attackers to leak sensitive user information.
{
"affected": [],
"aliases": [
"CVE-2024-45361"
],
"database_specific": {
"cwe_ids": [
"CWE-319"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-03-27T08:15:17Z",
"severity": "MODERATE"
},
"details": "A protocol flaw vulnerability exists in the Xiaomi Mi Connect Service APP. The vulnerability is caused by the validation logic is flawed and can be exploited by attackers to leak sensitive user information.",
"id": "GHSA-rjr7-mrw5-5m4x",
"modified": "2025-03-27T09:30:31Z",
"published": "2025-03-27T09:30:31Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45361"
},
{
"type": "WEB",
"url": "https://trust.mi.com/zh-CN/misrc/bulletins/advisory?cveId=558"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-RJRP-M2JW-PV9C
Vulnerability from github – Published: 2026-02-02 23:33 – Updated: 2026-02-03 19:01Summary
SageMaker Python SDK is an open source library for training and deploying machine learning models on Amazon SageMaker. An issue where the HMAC secret key is stored in environment variables and disclosed via the DescribeTrainingJob API has been identified.
Impact
- Function and Payload Tampering: Attackers with DescribeTrainingJob permissions may extract HMAC secret keys and forge serialized function payloads stored in S3. These tampered payloads would be processed and executed without triggering integrity validation errors, enabling unintended code substitution.
- Arbitrary Code Execution in the Training Environment: An third party with both DescribeTrainingJob permissions and write access to the job's S3 output location can extract the HMAC key, craft inappropriate Python objects, and achieve remote code execution in the client's Python process when the victim retrieves remote function results.
- Data and Credentials Handling: Arbitrary remote code execution may interact with sensitive data, model artifacts, environment variables, and potentially AWS metadata.
- Cross-Tenant or Shared Environment Risks: In multi-tenant, shared S3 bucket, a disclosed HMAC key could act as a pivot point to perform inappropriate actions against other users' remote function workloads. This could leverage the IAM permissions, shared S3 buckets, or VPC resources to compromise adjacent services or data.
Impacted versions
- SageMaker Python SDK v3 < v3.2.0
- SageMaker Python SDK v2 < v2.256.0
Patches
This issue has been addressed in SageMaker Python SDK version v3.2.0 and v2.256.0. Upgrading to the latest version immediately and ensuring any forked or derivative code is patched to incorporate the new fixes is recommended.
Workarounds
Customers using self-signed certificates for internal model downloads should add their private Certificate Authority (CA) certificate to the container image rather than relying on the SDK’s previous insecure configuration. This opt-in approach maintains security while accommodating internal trusted domains.
Resources
If there are any questions or comments about this advisory, contact AWS Security via the vulnerability reporting page or directly via email to aws-security@amazon.com. Please do not create a public GitHub issue.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "sagemaker"
},
"ranges": [
{
"events": [
{
"introduced": "3.0"
},
{
"fixed": "3.2.0"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "sagemaker"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.256.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-1777"
],
"database_specific": {
"cwe_ids": [
"CWE-201",
"CWE-295",
"CWE-319"
],
"github_reviewed": true,
"github_reviewed_at": "2026-02-02T23:33:32Z",
"nvd_published_at": "2026-02-02T23:16:04Z",
"severity": "HIGH"
},
"details": "### Summary\n\nSageMaker Python SDK is an open source library for training and deploying machine learning models on Amazon SageMaker. An issue where the HMAC secret key is stored in environment variables and disclosed via the DescribeTrainingJob API has been identified.\n\n### Impact\n\n- Function and Payload Tampering: Attackers with DescribeTrainingJob permissions may extract HMAC secret keys and forge serialized function payloads stored in S3. These tampered payloads would be processed and executed without triggering integrity validation errors, enabling unintended code substitution.\n- Arbitrary Code Execution in the Training Environment: An third party with both DescribeTrainingJob permissions and write access to the job\u0027s S3 output location can extract the HMAC key, craft inappropriate Python objects, and achieve remote code execution in the client\u0027s Python process when the victim retrieves remote function results.\n- Data and Credentials Handling: Arbitrary remote code execution may interact with sensitive data, model artifacts, environment variables, and potentially AWS metadata.\n- Cross-Tenant or Shared Environment Risks: In multi-tenant, shared S3 bucket, a disclosed HMAC key could act as a pivot point to perform inappropriate actions against other users\u0027 remote function workloads. This could leverage the IAM permissions, shared S3 buckets, or VPC resources to compromise adjacent services or data.\n\n### Impacted versions\n\n- SageMaker Python SDK v3 \u003c v3.2.0\n- SageMaker Python SDK v2 \u003c v2.256.0\n\n### Patches\nThis issue has been addressed in SageMaker Python SDK version [v3.2.0](https://github.com/aws/sagemaker-python-sdk/tree/22d30f577a6139431a1fb9154b7b88a0e2a1ace6) and [v2.256.0](https://github.com/aws/sagemaker-python-sdk/tree/a140cfcd12abfee10254cb4dea3bb10758e4321c). Upgrading to the latest version immediately and ensuring any forked or derivative code is patched to incorporate the new fixes is recommended.\n\n### Workarounds\nCustomers using self-signed certificates for internal model downloads should add their private Certificate Authority (CA) certificate to the container image rather than relying on the SDK\u2019s previous insecure configuration. This opt-in approach maintains security while accommodating internal trusted domains.\n\n### Resources\nIf there are any questions or comments about this advisory, contact AWS Security via the [vulnerability reporting page](https://aws.amazon.com/security/vulnerability-reporting) or directly via email to [aws-security@amazon.com](mailto:aws-security@amazon.com). Please do not create a public GitHub issue.",
"id": "GHSA-rjrp-m2jw-pv9c",
"modified": "2026-02-03T19:01:11Z",
"published": "2026-02-02T23:33:32Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/aws/sagemaker-python-sdk/security/advisories/GHSA-rjrp-m2jw-pv9c"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1777"
},
{
"type": "WEB",
"url": "https://github.com/aws/sagemaker-python-sdk/commit/708c7b2f4135ecaec55973d098f3dbe98b657933"
},
{
"type": "WEB",
"url": "https://github.com/aws/sagemaker-python-sdk/commit/fb0d789db4fd5fecde5509963939369f4c7ce63b"
},
{
"type": "WEB",
"url": "https://aws.amazon.com/security/security-bulletins/2026-004-AWS"
},
{
"type": "PACKAGE",
"url": "https://github.com/aws/sagemaker-python-sdk"
},
{
"type": "WEB",
"url": "https://github.com/aws/sagemaker-python-sdk/releases/tag/v2.256.0"
},
{
"type": "WEB",
"url": "https://github.com/aws/sagemaker-python-sdk/releases/tag/v3.2.0"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "SageMaker Python SDK has Exposed HMAC"
}
GHSA-RM7F-V2GQ-Q2MW
Vulnerability from github – Published: 2026-05-14 18:32 – Updated: 2026-05-14 18:32HCL AION is affected by a vulnerability where backend service details may be transmitted over insecure HTTP channels. This may expose sensitive information to potential interception or unauthorized access during transmission under certain conditions
{
"affected": [],
"aliases": [
"CVE-2025-62311"
],
"database_specific": {
"cwe_ids": [
"CWE-319"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-05-14T17:16:18Z",
"severity": "MODERATE"
},
"details": "HCL AION is affected by a vulnerability where backend service details may be transmitted over insecure HTTP channels. This may expose sensitive information to potential interception or unauthorized access during transmission under certain conditions",
"id": "GHSA-rm7f-v2gq-q2mw",
"modified": "2026-05-14T18:32:56Z",
"published": "2026-05-14T18:32:56Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62311"
},
{
"type": "WEB",
"url": "https://support.hcl-software.com/csm?id=kb_article\u0026sysparm_article=KB0130636"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-RP7X-9GH4-8C2Q
Vulnerability from github – Published: 2022-05-24 17:05 – Updated: 2024-04-04 02:45The Administration page on Connect Box EuroDOCSIS 3.0 Voice Gateway CH7465LG-NCIP-6.12.18.25-2p6-NOSH devices accepts a cleartext password in a POST request on port 80, as demonstrated by the Password field to the xml/setter.xml URI.
{
"affected": [],
"aliases": [
"CVE-2019-19967"
],
"database_specific": {
"cwe_ids": [
"CWE-319"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-12-25T22:15:00Z",
"severity": "HIGH"
},
"details": "The Administration page on Connect Box EuroDOCSIS 3.0 Voice Gateway CH7465LG-NCIP-6.12.18.25-2p6-NOSH devices accepts a cleartext password in a POST request on port 80, as demonstrated by the Password field to the xml/setter.xml URI.",
"id": "GHSA-rp7x-9gh4-8c2q",
"modified": "2024-04-04T02:45:19Z",
"published": "2022-05-24T17:05:01Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19967"
},
{
"type": "WEB",
"url": "https://github.com/filipi86/ConnectBoxDOCSIS-3.0"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-RPH6-5XP5-MJMR
Vulnerability from github – Published: 2022-05-13 01:43 – Updated: 2022-05-13 01:43Mirasys Video Management System (VMS) 6.x before 6.4.6, 7.x before 7.5.15, and 8.x before 8.1.1 has a login process in which cleartext data is sent from a server to a client, and not all of this data is required for the client functionality.
{
"affected": [],
"aliases": [
"CVE-2017-15290"
],
"database_specific": {
"cwe_ids": [
"CWE-319"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-10-12T16:29:00Z",
"severity": "HIGH"
},
"details": "Mirasys Video Management System (VMS) 6.x before 6.4.6, 7.x before 7.5.15, and 8.x before 8.1.1 has a login process in which cleartext data is sent from a server to a client, and not all of this data is required for the client functionality.",
"id": "GHSA-rph6-5xp5-mjmr",
"modified": "2022-05-13T01:43:42Z",
"published": "2022-05-13T01:43:42Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15290"
},
{
"type": "WEB",
"url": "https://ipvm.com/forums/video-surveillance/topics/mirasys-happy-with-bad-security-unless-hit-with-bad-press"
},
{
"type": "WEB",
"url": "https://www.dropbox.com/s/un43q74ie55wtpe/mirasys-vms-leak-2017.zip?dl=1"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
Mitigation
Before transmitting, encrypt the data using reliable, confidentiality-protecting cryptographic protocols.
Mitigation
When using web applications with SSL, use SSL for the entire session from login to logout, not just for the initial login page.
Mitigation
When designing hardware platforms, ensure that approved encryption algorithms (such as those recommended by NIST) protect paths from security critical data to trusted user applications.
Mitigation
Use tools and techniques that require manual (human) analysis, such as penetration testing, threat modeling, and interactive tools that allow the tester to record and modify an active session. These may be more effective than strictly automated techniques. This is especially the case with weaknesses that are related to design and business rules.
Mitigation
Configure servers to use encrypted channels for communication, which may include SSL or other secure protocols.
CAPEC-102: Session Sidejacking
Session sidejacking takes advantage of an unencrypted communication channel between a victim and target system. The attacker sniffs traffic on a network looking for session tokens in unencrypted traffic. Once a session token is captured, the attacker performs malicious actions by using the stolen token with the targeted application to impersonate the victim. This attack is a specific method of session hijacking, which is exploiting a valid session token to gain unauthorized access to a target system or information. Other methods to perform a session hijacking are session fixation, cross-site scripting, or compromising a user or server machine and stealing the session token.
CAPEC-117: Interception
An adversary monitors data streams to or from the target for information gathering purposes. This attack may be undertaken to solely gather sensitive information or to support a further attack against the target. This attack pattern can involve sniffing network traffic as well as other types of data streams (e.g. radio). The adversary can attempt to initiate the establishment of a data stream or passively observe the communications as they unfold. In all variants of this attack, the adversary is not the intended recipient of the data stream. In contrast to other means of gathering information (e.g., targeting data leaks), the adversary must actively position themself so as to observe explicit data channels (e.g. network traffic) and read the content. However, this attack differs from a Adversary-In-the-Middle (CAPEC-94) attack, as the adversary does not alter the content of the communications nor forward data to the intended recipient.
CAPEC-383: Harvesting Information via API Event Monitoring
An adversary hosts an event within an application framework and then monitors the data exchanged during the course of the event for the purpose of harvesting any important data leaked during the transactions. One example could be harvesting lists of usernames or userIDs for the purpose of sending spam messages to those users. One example of this type of attack involves the adversary creating an event within the sub-application. Assume the adversary hosts a "virtual sale" of rare items. As other users enter the event, the attacker records via AiTM (CAPEC-94) proxy the user_ids and usernames of everyone who attends. The adversary would then be able to spam those users within the application using an automated script.
CAPEC-477: Signature Spoofing by Mixing Signed and Unsigned Content
An attacker exploits the underlying complexity of a data structure that allows for both signed and unsigned content, to cause unsigned data to be processed as though it were signed data.
CAPEC-65: Sniff Application Code
An adversary passively sniffs network communications and captures application code bound for an authorized client. Once obtained, they can use it as-is, or through reverse-engineering glean sensitive information or exploit the trust relationship between the client and server. Such code may belong to a dynamic update to the client, a patch being applied to a client component or any such interaction where the client is authorized to communicate with the server.