CAPEC Related Weakness
Session Sidejacking
CWE-294 Authentication Bypass by Capture-replay
CWE-319 Cleartext Transmission of Sensitive Information
CWE-522 Insufficiently Protected Credentials
CWE-523 Unprotected Transport of Credentials
CWE-614 Sensitive Cookie in HTTPS Session Without 'Secure' Attribute
Interception
CWE-319 Cleartext Transmission of Sensitive Information
Harvesting Information via API Event Monitoring
CWE-311 Missing Encryption of Sensitive Data
CWE-319 Cleartext Transmission of Sensitive Information
CWE-419 Unprotected Primary Channel
CWE-602 Client-Side Enforcement of Server-Side Security
Signature Spoofing by Mixing Signed and Unsigned Content
CWE-311 Missing Encryption of Sensitive Data
CWE-319 Cleartext Transmission of Sensitive Information
CWE-693 Protection Mechanism Failure
Sniff Application Code
CWE-311 Missing Encryption of Sensitive Data
CWE-318 Cleartext Storage of Sensitive Information in Executable
CWE-319 Cleartext Transmission of Sensitive Information
CWE-693 Protection Mechanism Failure