CAPEC-697: DHCP Spoofing
ID: CAPEC-697
Typical Severity: High
Likelihood Of Attack: Low
Status: Stable
An adversary masquerades as a legitimate Dynamic Host Configuration Protocol (DHCP) server by spoofing DHCP traffic, with the goal of redirecting network traffic or denying service to DHCP.
DHCP is broadcast to the entire Local Area Network (LAN) and does not have any form of authentication by default. Therefore, it is susceptible to spoofing.
An adversary with access to the target LAN can receive DHCP messages and thereby obtain the topology information required to potentially manipulate other hosts' network configurations.
To improve the likelihood of the DHCP request being serviced by the rogue server, an adversary can first starve the DHCP pool.
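A defensive check for the weakness described above, as an added example that is not part of the CAPEC entry: it parses a captured DHCP payload (RFC 2131 option format) and flags server replies whose server identifier (option 54) is not on an allowlist, reporting the router and DNS values that reply hands out. The allowlist, the documentation-range addresses and the `build_reply` sample builder are constructed assumptions.

```python
import socket
import struct

MAGIC_COOKIE = b"\x63\x82\x53\x63"                  # marks the start of DHCP options
SERVER_REPLIES = {2: "OFFER", 5: "ACK", 6: "NAK"}   # option 53 values sent by servers

def parse_options(payload):
    """Return {option_code: value_bytes} from a raw BOOTP/DHCP payload."""
    if len(payload) < 240 or payload[236:240] != MAGIC_COOKIE:
        raise ValueError("not a DHCP message")
    opts, i = {}, 240
    while i < len(payload):
        code = payload[i]
        if code == 255:          # end option
            break
        if code == 0:            # pad option has no length byte
            i += 1
            continue
        if i + 1 >= len(payload) or i + 2 + payload[i + 1] > len(payload):
            raise ValueError("truncated option")
        length = payload[i + 1]
        opts[code] = payload[i + 2:i + 2 + length]
        i += 2 + length
    return opts

def check_reply(payload, allowed_servers):
    """Return a finding dict for a server reply from an unlisted server, else None."""
    opts = parse_options(payload)
    msg_type = (opts.get(53) or b"\x00")[0]
    if msg_type not in SERVER_REPLIES:
        return None              # client message (DISCOVER, REQUEST, ...)
    server = socket.inet_ntoa(opts[54]) if len(opts.get(54, b"")) == 4 else "missing"
    if server in allowed_servers:
        return None
    ips = lambda v: [socket.inet_ntoa(v[j:j + 4]) for j in range(0, len(v) - 3, 4)]
    return {"type": SERVER_REPLIES[msg_type], "server": server,
            "router": ips(opts.get(3, b"")), "dns": ips(opts.get(6, b""))}

def build_reply(msg_type, server, router, dns):
    """Constructed sample input: minimal reply carrying options 53, 54, 3 and 6."""
    header = struct.pack("!BBBB", 2, 1, 6, 0) + bytes(232)   # op=BOOTREPLY, rest zeroed
    opts = bytes([53, 1, msg_type])
    for code, ip in ((54, server), (3, router), (6, dns)):
        opts += bytes([code, 4]) + socket.inet_aton(ip)
    return header + MAGIC_COOKIE + opts + b"\xff"

ALLOWED = {"192.0.2.1"}          # assumption: the site's authorised DHCP server
```

Feed `check_reply` the UDP payloads of port 67/68 traffic from a capture or a monitoring port; any non-`None` result names a server that is answering clients without being on the allowlist.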
Weaknesses
ID | Name | Type |
---|---|---|
CWE-923 | Improper Restriction of Communication Channel to Intended Endpoints | weakness |
Taxonomy Mapping
Type | ID | Name |
---|---|---|
ATTACK | 1557.003 | Adversary-in-the-Middle: DHCP Spoofing |