| Name |
Communication Channel Manipulation |
|
| Likelyhood of attack |
Typical severity |
| High |
Low |
|
| Summary |
An adversary manipulates a setting or parameter on communications channel in order to compromise its security. This can result in information exposure, insertion/removal of information from the communications stream, and/or potentially system compromise. |
| Prerequisites |
The target application must leverage an open communications channel. The channel on which the target communicates must be vulnerable to interception (e.g., man in the middle attack). |
| Solutions | Encrypt all sensitive communications using properly-configured cryptography. Design the communication system such that it associates proper authentication/authorization with each channel/message. |