CAPEC-158: Sniffing Network Traffic
ID
CAPEC-158
Typical Severity
Medium
Status
Draft
In this attack pattern, the adversary monitors network traffic between nodes of a public or multicast network in an attempt to capture sensitive information at the protocol level. Network sniffing applications can reveal TCP/IP, DNS, Ethernet, and other low-level network communication information. The adversary takes a passive role in this attack pattern and simply observes and analyzes the traffic. The adversary may precipitate or indirectly influence the content of the observed transaction, but is never the intended recipient of the target information.
Weaknesses
# ID | Name | Type |
---|---|---|
CWE-311 | Missing Encryption of Sensitive Data | weakness |
Taxonomiy Mapping
Type | # ID | Name |
---|---|---|
ATTACK | 1040 | Network Sniffing |
ATTACK | 1111 | Multi-Factor Authentication Interception |