Threat CC.AuC.CACSScS.3.3

URI: CC.AuC.CACSScS.3.3

Description: Possible access to Process as client Client by snooping credentials between Client and authenticator Service: if service Process redirects clients to service Service for authentication, an attacker able to snoop the token issued by Service may be able to impersonate Client to Process before Client does the same, even if the credential is limited to a single use. Note that this does not necessarily mean they can access service Process, only that the client credentials are compromised.

Threat Type: Primary Threat

Matching Pattern:

MP-CACSScS

Finds a channel between a client and a service, where authentication on this channel is controlled by authentication on another channel from the same client to a second service, along with the hosts of the client and the second service, plus optionally the client user and the managers of the second service and its host.

(empty)

ClientImpersonation at Role_AuthChannel

(empty)

Threat CC.AuC.CACSScS.3.3

MP-CACSScS

Triggered by Threat (0)

Triggers Secondary Threats (0)

Triggered By Control Strategy (0)

Misbehaviour Sets (1)

Control Strategies (0)