An adversary injects traffic into the target's network connection. The adversary is therefore able to degrade or disrupt the connection, and potentially modify the content. This is not a flooding attack, as the adversary is not focusing on exhausting resources. Instead, the adversary is crafting a specific input to affect the system in a particular way.
The target application must leverage an open communications channel.
The channel on which the target communicates must be vulnerable to interception (e.g., man in the middle attack).
A tool, such as a MITM Proxy, that is capable of generating and injecting custom inputs to be used in the attack.
DoS: crash / exit / restart
The injection of specific content into a connection can trigger a disruption in that communications channel, thereby denying availability of the service.
An adversary's injection of additional content into a communication channel negatively impacts the integrity of that channel.
More information is available — Please select a different filter.
Page Last Updated or Reviewed:
July 31, 2017
Use of the Common Attack Pattern Enumeration and Classification dictionary and classification taxonomy, and the associated references from this website, are subject to the