CWE-300
DiscouragedChannel Accessible by Non-Endpoint
Abstraction: Class · Status: Draft
The product does not adequately verify the identity of actors at both ends of a communication channel, or does not adequately ensure the integrity of the channel, in a way that allows the channel to be accessed or influenced by an actor that is not an endpoint.
95 vulnerabilities reference this CWE, most recent first.
GHSA-FX6X-H9G4-56F8
Vulnerability from github – Published: 2022-05-24 17:19 – Updated: 2023-08-22 14:31A vulnerability was found in all versions of containernetworking/plugins before version 0.8.6, that allows malicious containers in Kubernetes clusters to perform man-in-the-middle (MitM) attacks. A malicious container can exploit this flaw by sending rogue IPv6 router advertisements to the host or other containers, to redirect traffic to the malicious container.
{
"affected": [
{
"package": {
"ecosystem": "Go",
"name": "github.com/containernetworking/plugins"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.8.6"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2020-10749"
],
"database_specific": {
"cwe_ids": [
"CWE-300"
],
"github_reviewed": true,
"github_reviewed_at": "2023-07-13T20:04:42Z",
"nvd_published_at": "2020-06-03T14:15:00Z",
"severity": "MODERATE"
},
"details": "A vulnerability was found in all versions of containernetworking/plugins before version 0.8.6, that allows malicious containers in Kubernetes clusters to perform man-in-the-middle (MitM) attacks. A malicious container can exploit this flaw by sending rogue IPv6 router advertisements to the host or other containers, to redirect traffic to the malicious container.",
"id": "GHSA-fx6x-h9g4-56f8",
"modified": "2023-08-22T14:31:14Z",
"published": "2022-05-24T17:19:02Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10749"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10749"
},
{
"type": "PACKAGE",
"url": "https://github.com/containernetworking/plugins"
},
{
"type": "WEB",
"url": "https://github.com/containernetworking/plugins/releases/tag/v0.8.6"
},
{
"type": "WEB",
"url": "https://groups.google.com/forum/#!topic/kubernetes-security-announce/BMb_6ICCfp8"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DV3HCDZYUTPPVDUMTZXDKK6IUO3JMGJC"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00063.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00065.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L",
"type": "CVSS_V3"
}
],
"summary": "containernetworking/plugins vulnerable to MitM attacks"
}
GHSA-G465-XM3V-VHJ4
Vulnerability from github – Published: 2022-05-13 01:36 – Updated: 2022-05-13 01:36A Man-in-the-Middle issue was discovered in Hyundai Motor America Blue Link 3.9.5 and 3.9.4. Communication channel endpoints are not verified, which may allow a remote attacker to access or influence communications between the identified endpoints.
{
"affected": [],
"aliases": [
"CVE-2017-6052"
],
"database_specific": {
"cwe_ids": [
"CWE-300"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-04-26T14:59:00Z",
"severity": "MODERATE"
},
"details": "A Man-in-the-Middle issue was discovered in Hyundai Motor America Blue Link 3.9.5 and 3.9.4. Communication channel endpoints are not verified, which may allow a remote attacker to access or influence communications between the identified endpoints.",
"id": "GHSA-g465-xm3v-vhj4",
"modified": "2022-05-13T01:36:33Z",
"published": "2022-05-13T01:36:33Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-6052"
},
{
"type": "WEB",
"url": "https://community.rapid7.com/community/infosec/blog/2017/04/25/r7-2017-02-hyundai-blue-link-potential-info-disclosure-fixed"
},
{
"type": "WEB",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-115-03"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/98033"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-GCP8-45QV-X5W6
Vulnerability from github – Published: 2025-02-06 21:32 – Updated: 2025-02-06 21:322N Access Commander version 2.1 and prior is vulnerable in default settings to Man In The Middle attack due to not verifying certificates of 2N edge devices.
{
"affected": [],
"aliases": [
"CVE-2024-47258"
],
"database_specific": {
"cwe_ids": [
"CWE-295",
"CWE-300"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-02-06T20:15:39Z",
"severity": "HIGH"
},
"details": "2N Access Commander version 2.1 and prior is vulnerable in default settings to Man In The Middle attack due to not verifying certificates of 2N edge devices.",
"id": "GHSA-gcp8-45qv-x5w6",
"modified": "2025-02-06T21:32:09Z",
"published": "2025-02-06T21:32:09Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47258"
},
{
"type": "WEB",
"url": "https://www.2n.com/en-GB/download/cve_2024_47258_acom_3_3_v1pdf"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-H2F7-G9RH-RR7G
Vulnerability from github – Published: 2022-05-24 19:03 – Updated: 2022-10-26 12:00When an authenticated password change request takes place, this vulnerability could allow the attacker to intercept the message that includes the legitimate, new password hash and replace it with an illegitimate hash. The user would no longer be able to authenticate to the controller (Micro800: All versions, MicroLogix 1400: Version 21 and later) causing a denial-of-service condition
{
"affected": [],
"aliases": [
"CVE-2021-32926"
],
"database_specific": {
"cwe_ids": [
"CWE-300"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-06-03T13:15:00Z",
"severity": "HIGH"
},
"details": "When an authenticated password change request takes place, this vulnerability could allow the attacker to intercept the message that includes the legitimate, new password hash and replace it with an illegitimate hash. The user would no longer be able to authenticate to the controller (Micro800: All versions, MicroLogix 1400: Version 21 and later) causing a denial-of-service condition",
"id": "GHSA-h2f7-g9rh-rr7g",
"modified": "2022-10-26T12:00:40Z",
"published": "2022-05-24T19:03:58Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32926"
},
{
"type": "WEB",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-145-02"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-HWXF-WJQ7-J3HM
Vulnerability from github – Published: 2023-12-23 15:30 – Updated: 2025-11-04 18:30A vulnerability was found in systemd-resolved. This issue may allow systemd-resolved to accept records of DNSSEC-signed domains even when they have no signature, allowing man-in-the-middles (or the upstream DNS resolver) to manipulate records.
{
"affected": [],
"aliases": [
"CVE-2023-7008"
],
"database_specific": {
"cwe_ids": [
"CWE-300"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-12-23T13:15:07Z",
"severity": "MODERATE"
},
"details": "A vulnerability was found in systemd-resolved. This issue may allow systemd-resolved to accept records of DNSSEC-signed domains even when they have no signature, allowing man-in-the-middles (or the upstream DNS resolver) to manipulate records.",
"id": "GHSA-hwxf-wjq7-j3hm",
"modified": "2025-11-04T18:30:45Z",
"published": "2023-12-23T15:30:17Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-7008"
},
{
"type": "WEB",
"url": "https://github.com/systemd/systemd/issues/25676"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2024:2463"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2024:3203"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2023-7008"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222261"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222672"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2024/09/msg00001.html"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4GMDEG5PKONWNHOEYSUDRT6JEOISRMN2"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QHNBXGKJWISJETTTDTZKTBFIBJUOSLKL"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20241122-0004"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-J3RQ-4XJW-XG63
Vulnerability from github – Published: 2023-12-04 23:13 – Updated: 2023-12-04 23:13Impact
Any CLI command issued to a Coordinator after the Manifest has been set, is susceptible to be redirected to another MarbleRun Coordinator instance, which runs the same binary, but potentially a different manifest.
Patches
The issue has been patched in v1.4.0
Workarounds
Directly using the REST API of the Coordinator and manually verifying and pinning the certificate to a set Manifest avoids the issue.
{
"affected": [
{
"package": {
"ecosystem": "Go",
"name": "github.com/edgelesssys/marblerun"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.4.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [],
"database_specific": {
"cwe_ids": [
"CWE-300"
],
"github_reviewed": true,
"github_reviewed_at": "2023-12-04T23:13:42Z",
"nvd_published_at": null,
"severity": "HIGH"
},
"details": "### Impact\nAny CLI command issued to a Coordinator after the Manifest has been set, is susceptible to be redirected to another MarbleRun Coordinator instance, which runs the same binary, but potentially a different manifest.\n\n### Patches\n The issue has been patched in [`v1.4.0`](https://github.com/edgelesssys/marblerun/releases/tag/v1.4.0)\n\n### Workarounds\n\nDirectly using the REST API of the Coordinator and manually verifying and pinning the certificate to a set Manifest avoids the issue.\n",
"id": "GHSA-j3rq-4xjw-xg63",
"modified": "2023-12-04T23:13:42Z",
"published": "2023-12-04T23:13:42Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/edgelesssys/marblerun/security/advisories/GHSA-j3rq-4xjw-xg63"
},
{
"type": "PACKAGE",
"url": "https://github.com/edgelesssys/marblerun"
},
{
"type": "WEB",
"url": "https://github.com/edgelesssys/marblerun/releases/tag/v1.4.0"
}
],
"schema_version": "1.4.0",
"severity": [],
"summary": "Go package github.com/edgelesssys/marblerun CLI commands susceptible to MITM attacks"
}
GHSA-J94P-GV3V-CG5Q
Vulnerability from github – Published: 2025-04-08 15:31 – Updated: 2025-04-08 15:31A improper restriction of communication channel to intended endpoints vulnerability [CWE-923] in Fortinet FortiOS version 7.4.0 through 7.4.3, 7.2.0 through 7.2.7, 7.0.0 through 7.0.14, 6.4.0 through 6.4.15 and 6.2.0 through 6.2.16, Fortinet FortiProxy version 7.4.0 through 7.4.2, 7.2.0 through 7.2.9, 7.0.0 through 7.0.15 and 2.0.0 through 2.0.14, Fortinet FortiManager version 7.4.0 through 7.4.2, 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through 6.4.14 and 6.2.0 through 6.2.13, Fortinet FortiAnalyzer version 7.4.0 through 7.4.2, 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through 6.4.14 and 6.2.0 through 6.2.13, Fortinet FortiVoice version 7.0.0 through 7.0.2, 6.4.0 through 6.4.8 and 6.0.0 through 6.0.12 and Fortinet FortiWeb version 7.4.0 through 7.4.2, 7.2.0 through 7.2.10, 7.0.0 through 7.0.10 allows an unauthenticated attacker in a man-in-the-middle position to impersonate the management device (FortiCloud server or/and in certain conditions, FortiManager), via intercepting the FGFM authentication request between the management device and the managed device
{
"affected": [],
"aliases": [
"CVE-2024-50565"
],
"database_specific": {
"cwe_ids": [
"CWE-300"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-04-08T14:15:31Z",
"severity": "LOW"
},
"details": "A improper restriction of communication channel to intended endpoints vulnerability [CWE-923] in Fortinet FortiOS version 7.4.0 through 7.4.3, 7.2.0 through 7.2.7, 7.0.0 through 7.0.14, 6.4.0 through 6.4.15 and 6.2.0 through 6.2.16, Fortinet FortiProxy version 7.4.0 through 7.4.2, 7.2.0 through 7.2.9, 7.0.0 through 7.0.15 and 2.0.0 through 2.0.14, Fortinet FortiManager version 7.4.0 through 7.4.2, 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through 6.4.14 and 6.2.0 through 6.2.13, Fortinet FortiAnalyzer version 7.4.0 through 7.4.2, 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through 6.4.14 and 6.2.0 through 6.2.13, Fortinet FortiVoice version 7.0.0 through 7.0.2, 6.4.0 through 6.4.8 and 6.0.0 through 6.0.12 and Fortinet FortiWeb version 7.4.0 through 7.4.2, 7.2.0 through 7.2.10, 7.0.0 through 7.0.10 allows an unauthenticated attacker in a man-in-the-middle position to impersonate the management device (FortiCloud server or/and in certain conditions, FortiManager), via intercepting the FGFM authentication request between the management device and the managed device",
"id": "GHSA-j94p-gv3v-cg5q",
"modified": "2025-04-08T15:31:05Z",
"published": "2025-04-08T15:31:05Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-50565"
},
{
"type": "WEB",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-046"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-M4HR-5G26-HJJ4
Vulnerability from github – Published: 2026-03-04 18:31 – Updated: 2026-03-04 18:31A vulnerability in the packet processing logic may allow an authenticated attacker to craft and transmit a malicious Wi-Fi frame that causes an Access Point (AP) to classify the frame as group-addressed traffic and re-encrypt it using the Group Temporal Key (GTK) associated with the victim's BSSID. Successful exploitation may enable GTK-independent traffic injection and, when combined with a port-stealing technique, allows an attacker to redirect intercepted traffic to facilitate machine-in-the-middle (MitM) attacks across BSSID boundaries.
{
"affected": [],
"aliases": [
"CVE-2026-23810"
],
"database_specific": {
"cwe_ids": [
"CWE-300"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-03-04T17:16:19Z",
"severity": "MODERATE"
},
"details": "A vulnerability in the packet processing logic may allow an authenticated attacker to craft and transmit a malicious Wi-Fi frame that causes an Access Point (AP) to classify the frame as group-addressed traffic and re-encrypt it using the Group Temporal Key (GTK) associated with the victim\u0027s BSSID. Successful exploitation may enable GTK-independent traffic injection and, when combined with a port-stealing technique, allows an attacker to redirect intercepted traffic to facilitate machine-in-the-middle (MitM) attacks across BSSID boundaries.",
"id": "GHSA-m4hr-5g26-hjj4",
"modified": "2026-03-04T18:31:53Z",
"published": "2026-03-04T18:31:53Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23810"
},
{
"type": "WEB",
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05026en_us\u0026docLocale=en_US"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-MG63-673F-RG9P
Vulnerability from github – Published: 2025-02-06 15:32 – Updated: 2025-02-06 15:32Identity verification vulnerability in the ParamWatcher module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
{
"affected": [],
"aliases": [
"CVE-2024-12602"
],
"database_specific": {
"cwe_ids": [
"CWE-300"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-02-06T13:15:38Z",
"severity": "MODERATE"
},
"details": "Identity verification vulnerability in the ParamWatcher module\nImpact: Successful exploitation of this vulnerability may affect service confidentiality.",
"id": "GHSA-mg63-673f-rg9p",
"modified": "2025-02-06T15:32:52Z",
"published": "2025-02-06T15:32:52Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-12602"
},
{
"type": "WEB",
"url": "https://consumer.huawei.com/en/support/bulletin/2025/2"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-MMR9-P6PG-2MP3
Vulnerability from github – Published: 2025-05-07 18:30 – Updated: 2025-05-07 18:30A vulnerability in the CLI of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an authenticated, local attacker to gain privileges of the root user on the underlying operating system.
This vulnerability is due to insufficient input validation. An authenticated attacker with read-only privileges on the SD-WAN Manager system could exploit this vulnerability by sending a crafted request to the CLI of the SD-WAN Manager. A successful exploit could allow the attacker to gain root privileges on the underlying operating system.
{
"affected": [],
"aliases": [
"CVE-2025-20122"
],
"database_specific": {
"cwe_ids": [
"CWE-300"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-05-07T18:15:36Z",
"severity": "HIGH"
},
"details": "A vulnerability in the CLI of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an authenticated, local attacker to gain privileges of the root user on the underlying operating system.\n\nThis vulnerability is due to insufficient input validation. An authenticated attacker with read-only privileges on the SD-WAN Manager system could exploit this vulnerability by sending a crafted request to the CLI of the SD-WAN Manager. A successful exploit could allow the attacker to gain root privileges on the underlying operating system.",
"id": "GHSA-mmr9-p6pg-2mp3",
"modified": "2025-05-07T18:30:48Z",
"published": "2025-05-07T18:30:48Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-20122"
},
{
"type": "WEB",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-priviesc-WCk7bmmt"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
Mitigation
Always fully authenticate both ends of any communications channel.
Mitigation
Adhere to the principle of complete mediation.
Mitigation
A certificate binds an identity to a cryptographic key to authenticate a communicating party. Often, the certificate takes the encrypted form of the hash of the identity of the subject, the public key, and information such as time of issue or expiration using the issuer's private key. The certificate can be validated by deciphering the certificate with the issuer's public key. See also X.509 certificate signature chains and the PGP certification structure.
CAPEC-466: Leveraging Active Adversary in the Middle Attacks to Bypass Same Origin Policy
An attacker leverages an adversary in the middle attack (CAPEC-94) in order to bypass the same origin policy protection in the victim's browser. This active adversary in the middle attack could be launched, for instance, when the victim is connected to a public WIFI hot spot. An attacker is able to intercept requests and responses between the victim's browser and some non-sensitive website that does not use TLS.
CAPEC-57: Utilizing REST's Trust in the System Resource to Obtain Sensitive Data
This attack utilizes a REST(REpresentational State Transfer)-style applications' trust in the system resources and environment to obtain sensitive data once SSL is terminated.
CAPEC-589: DNS Blocking
An adversary intercepts traffic and intentionally drops DNS requests based on content in the request. In this way, the adversary can deny the availability of specific services or content to the user even if the IP address is changed.
CAPEC-590: IP Address Blocking
An adversary performing this type of attack drops packets destined for a target IP address. The aim is to prevent access to the service hosted at the target IP address.
CAPEC-612: WiFi MAC Address Tracking
In this attack scenario, the attacker passively listens for WiFi messages and logs the associated Media Access Control (MAC) addresses. These addresses are intended to be unique to each wireless device (although they can be configured and changed by software). Once the attacker is able to associate a MAC address with a particular user or set of users (for example, when attending a public event), the attacker can then scan for that MAC address to track that user in the future.
CAPEC-613: WiFi SSID Tracking
In this attack scenario, the attacker passively listens for WiFi management frame messages containing the Service Set Identifier (SSID) for the WiFi network. These messages are frequently transmitted by WiFi access points (e.g., the retransmission device) as well as by clients that are accessing the network (e.g., the handset/mobile device). Once the attacker is able to associate an SSID with a particular user or set of users (for example, when attending a public event), the attacker can then scan for this SSID to track that user in the future.
CAPEC-615: Evil Twin Wi-Fi Attack
Adversaries install Wi-Fi equipment that acts as a legitimate Wi-Fi network access point. When a device connects to this access point, Wi-Fi data traffic is intercepted, captured, and analyzed. This also allows the adversary to use "adversary-in-the-middle" (CAPEC-94) for all communications.
CAPEC-662: Adversary in the Browser (AiTB)
An adversary exploits security vulnerabilities or inherent functionalities of a web browser, in order to manipulate traffic between two endpoints.
CAPEC-94: Adversary in the Middle (AiTM)
An adversary targets the communication between two components (typically client and server), in order to alter or obtain data from transactions. A general approach entails the adversary placing themself within the communication channel between the two components.