CAPEC-102: Session Sidejacking
ID
CAPEC-102
Typical Severity
High
Likelihood Of Attack
High
Status
Draft
Session sidejacking takes advantage of an unencrypted communication channel between a victim and a target system. The attacker sniffs traffic on the network, looking for session tokens carried in unencrypted traffic. Once a session token is captured, the attacker uses the stolen token with the targeted application to impersonate the victim and perform malicious actions. This attack is a specific method of session hijacking, which is the exploitation of a valid session token to gain unauthorized access to a target system or its information. Other methods of session hijacking are session fixation, cross-site scripting, or compromising a user or server machine and stealing the session token from it.
Weaknesses
ID | Name | Type |
---|---|---|
CWE-294 | Authentication Bypass by Capture-replay | weakness |
CWE-319 | Cleartext Transmission of Sensitive Information | weakness |
CWE-522 | Insufficiently Protected Credentials | weakness |
CWE-523 | Unprotected Transport of Credentials | weakness |
CWE-614 | Sensitive Cookie in HTTPS Session Without 'Secure' Attribute | weakness |
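Session sidejacking only works when the session token actually travels in cleartext, so the defender's check is whether the application ever allows that. The following is an added example, not part of the CAPEC entry: it audits a server's response headers for the conditions listed above (CWE-614, a session cookie without the Secure attribute, and CWE-319, cleartext transmission enabled by a missing HSTS header). The sample headers and the `SESSION_NAME_HINTS` heuristic for recognising session cookies are constructed for this example.

```python
from http.cookies import SimpleCookie

# Constructed sample responses (not from the CAPEC entry). The first deployment
# sets its session cookie without transport protections; the second is hardened.
WEAK_HEADERS = [
    ("Set-Cookie", "SESSIONID=abc123; Path=/"),
    ("Content-Type", "text/html"),
]
HARDENED_HEADERS = [
    ("Set-Cookie", "SESSIONID=abc123; Path=/; Secure; HttpOnly; SameSite=Lax"),
    ("Strict-Transport-Security", "max-age=31536000; includeSubDomains"),
    ("Content-Type", "text/html"),
]

# Assumed heuristic: cookie names containing these fragments carry session state.
SESSION_NAME_HINTS = ("sess", "sid", "token", "auth")


def audit_headers(headers):
    """Return findings explaining how a session token set by these response
    headers could be observed on a cleartext channel (CWE-614 / CWE-319)."""
    findings = []
    has_hsts = any(k.lower() == "strict-transport-security" for k, _ in headers)
    for name, value in headers:
        if name.lower() != "set-cookie":
            continue
        cookie = SimpleCookie()
        cookie.load(value)  # parses attributes such as Secure and HttpOnly
        for cname, morsel in cookie.items():
            if not any(h in cname.lower() for h in SESSION_NAME_HINTS):
                continue
            if not morsel["secure"]:
                findings.append(f"{cname}: missing Secure attribute; "
                                "browser will also send it over plain HTTP")
            if not morsel["httponly"]:
                findings.append(f"{cname}: missing HttpOnly attribute; "
                                "readable from page script")
    if not has_hsts:
        findings.append("no Strict-Transport-Security header; a user typing the "
                        "bare hostname still makes a cleartext first request")
    return findings


if __name__ == "__main__":
    for label, hdrs in (("weak", WEAK_HEADERS), ("hardened", HARDENED_HEADERS)):
        print(label, audit_headers(hdrs) or ["no findings"])
```

Running the audit against real response headers captured from your own service (for example with `curl -sI`) shows which of the weaknesses in the table above the deployment still exposes.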