CWE-300 - CERT CVE

CWE-300 - Channel Accessible by Non-Endpoint

The product does not adequately verify the identity of actors at both ends of a communication channel, or does not adequately ensure the integrity of the channel, in a way that allows the channel to be accessed or influenced by an actor that is not an endpoint.

CAPEC ID Naziv
CAPEC-466 Leveraging Active Man in the Middle Attacks to Bypass Same Origin Policy
CAPEC-57 Utilizing REST's Trust in the System Resource to Obtain Sensitive Data
CAPEC-589 DNS Blocking
CAPEC-590 IP Address Blocking
CAPEC-612 WiFi MAC Address Tracking
CAPEC-613 WiFi SSID Tracking
CAPEC-615 Evil Twin Wi-Fi Attack
CAPEC-94 Man in the Middle Attack