Home > CAPEC List > CAPEC-218: Spoofing of UDDI/ebXML Messages (Version 2.9)  

CAPEC-218: Spoofing of UDDI/ebXML Messages

 
Spoofing of UDDI/ebXML Messages
Definition in a New Window Definition in a New Window
Attack Pattern ID: 218
Abstraction: Detailed
Status: Draft
Completeness: Stub
Presentation Filter:
+ Summary

An attacker spoofs a UDDI, ebXML, or similar message in order to impersonate a service provider in an e-business transaction. UDDI, ebXML, and similar standards are used to identify businesses in e-business transactions. Among other things, they identify a particular participant, WSDL information for SOAP transactions, and supported communication protocols, including security protocols. By spoofing one of these messages an attacker could impersonate a legitimate business in a transaction or could manipulate the protocols used between a client and business. This could result in disclosure of sensitive information, loss of message integrity, or even financial fraud.

+ Attack Prerequisites
  • The targeted business's UDDI or ebXML information must be served from a location that the attacker can spoof or compromise or the attacker must be able to intercept and modify unsecured UDDI/ebXML messages in transit.

+ Typical Severity

Medium

+ Resources Required

The attacker must be able to force the target user to accept their spoofed UDDI or ebXML message as opposed to the a message associated with a legitimate company. Depending on the follow-on for the attack, the attacker may also need to serve its own web services.

+ Solutions and Mitigations

Implementation: Clients should only trust UDDI, ebXML, or similar messages that are verifiably signed by a trusted party.

+ Content History
Submissions
SubmitterOrganizationDateSource
CAPEC Content TeamThe MITRE Corporation2014-06-23Internal_CAPEC_Team

More information is available — Please select a different filter.
Page Last Updated or Reviewed: December 07, 2015