CWE-300 - Channel Accessible by Non-Endpoint ('Man-in-the-Middle')

Description

The man-in-the middle attack intercepts a communication between two systems. For example, in an http transaction the target is the TCP connection between client and server. Using different techniques, the attacker splits the original TCP connection into 2 new connections, one between the client and the attacker and the other between the attacker and the server. Once the TCP connection is intercepted, the attacker acts as a proxy, being able to read, insert and modify the data in the intercepted communication. The MITM attack is very effective because of the nature of the http protocol and data transfer which are all ASCII based. In this way, it’s possible to view and interview within the http protocol and also in the data transferred.
After getting access attackers can read and change application data.
The weakness is introduced during Architechture and Design stage.

Latest vulnerabilities for CWE-300

Multiple vulnerabilities in MediaTek chipsets 2024-04-01
High Yes

Multiple vulnerabilities in IBM Cognos Analytics 2024-02-26
High Yes

Multiple vulnerabilities in IBM Watson Machine Learning Accelerator on Cloud Pak for Data 2023-12-11
High Yes

Multiple vulnerabilities in IBM Cloud Pak for Security (CP4S) 2023-10-11
Medium Yes

Man-in-the-Middle (MitM) attack in IBM Spectrum Virtualize 2023-09-26
Medium Yes

Multiple vulnerabilities in IBM Tivoli Network Manager (ITNM) 2023-09-21
High Yes

Multiple vulnerabilities in IBM Intelligent Operations Center (IOC) 2023-09-14
Medium Yes

Splunk Enterprise update for third-party packages 2023-09-04
High Yes

Multiple vulnerabilities in Dell PowerStore Family 2023-08-17
High Yes

Multiple vulnerabilities in Dell Data Protection Central 2023-08-16
High Yes

References

Description of CWE-300 on Mitre website