Home > CAPEC List > CAPEC-528: XML Flood (Version 2.11)  

CAPEC-528: XML Flood

 
XML Flood
Definition in a New Window Definition in a New Window
Attack Pattern ID: 528
Abstraction: Standard
Status: Draft
Completeness: Stub
Presentation Filter:
+ Summary

An adversary may execute a flooding attack using XML messages with the intent to deny legitimate users access to a web service. These attacks are accomplished by sending a large number of XML based requests and letting the service attempt to parse each one.

+ Attack Prerequisites
  • This type of an attack requires the ability to generate a large amount of XML based messages to send to a target service.

+ Content History
Submissions
SubmitterOrganizationDateSource
CAPEC Content TeamThe MITRE Corporation2014-06-23Internal_CAPEC_Team

More information is available — Please select a different filter.
Page Last Updated or Reviewed: July 31, 2017