CAPEC Details
Name Drop Encryption Level
Likelyhood of attack Typical severity
High High
Summary An attacker forces the encryption level to be lowered, thus enabling a successful attack against the encrypted data.
Prerequisites
Solutions
Related Weaknesses
CWE ID Description
CWE-757 Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade')
Related CAPECS
CAPEC ID Description
CAPEC-212 An adversary leverages a legitimate capability of an application in such a way as to achieve a negative technical impact. The system functionality is not altered or modified but used in a way that was not intended. This is often accomplished through the overuse of a specific functionality or by leveraging functionality with design flaws that enables the adversary to gain access to unauthorized, sensitive data.
Taxonomy: ATTACK
Entry ID Entry Name
1600 Weaken Encryption