CWE-300 (Channel Accessible by Non-Endpoint (Man-in-the-Middle Attack)) — Vulnerability Class 42

42 vulnerabilities classified as CWE-300 (Channel Accessible by Non-Endpoint (Man-in-the-Middle Attack)). AI Chinese analysis included.

CWE-300 represents a critical authentication weakness where a system fails to adequately verify the identities of both parties in a communication channel or ensure its integrity. This flaw allows unauthorized actors to intercept, manipulate, or inject malicious data into the stream, effectively becoming an unverified endpoint. Attackers typically exploit this by performing man-in-the-middle attacks, session hijacking, or spoofing legitimate connections to steal sensitive information or execute unauthorized commands. To mitigate this risk, developers must implement robust mutual authentication protocols, such as TLS with certificate validation, ensuring both ends are verified before data exchange. Additionally, employing message authentication codes and strict input validation helps maintain channel integrity. By rigorously checking entity identities and securing the transmission path, organizations can prevent unauthorized access and ensure that only legitimate endpoints influence the communication flow.

MITRE CWE Description
The product does not adequately verify the identity of actors at both ends of a communication channel, or does not adequately ensure the integrity of the channel, in a way that allows the channel to be accessed or influenced by an actor that is not an endpoint. In order to establish secure communication between two parties, it is often important to adequately verify the identity of entities at each end of the communication channel. Inadequate or inconsistent verification may result in insufficient or incorrect identification of either communicating entity. This can have negative consequences such as misplaced trust in the entity at the other end of the channel. An attacker can leverage this by interposing between the communicating entities and masquerading as the original entity. In the absence of sufficient verification of identity, such an attacker can eavesdrop and potentially modify the communication between the original entities.
Common Consequences (1)
Confidentiality, Integrity, Access Control: Read Application Data, Modify Application Data, Gain Privileges or Assume Identity
An attacker could pose as one of the entities and read or possibly modify the communication.
Mitigations (3)
Implementation: Always fully authenticate both ends of any communications channel.
Architecture and Design: Adhere to the principle of complete mediation.
Implementation: A certificate binds an identity to a cryptographic key to authenticate a communicating party. Often, the certificate takes the encrypted form of the hash of the identity of the subject, the public key, and information such as time of issue or expiration using the issuer's private key. The certificate can be validated by deciphering the certificate with the issuer's public key. See also X.509 certi…
Examples (1)
In the Java snippet below, data is sent over an unencrypted channel to a remote server.
    Socket sock;
    PrintWriter out;
    try {
        // Plain TCP socket: no encryption and no authentication of the remote end.
        sock = new Socket(REMOTE_HOST, REMOTE_PORT);
        out = new PrintWriter(sock.getOutputStream(), true);
        // Write data to remote host via socket output stream.
        ...
    }
Bad · Java
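A hardened counterpart to the snippet above, as an added example (not MITRE's or this site's code): the same write goes over TLS, and the handshake must verify the server's certificate chain and host name before any data is sent. The class name `VerifiedChannelClient` and the `REMOTE_HOST` / `REMOTE_PORT` values are placeholders chosen for illustration.

```java
import java.io.IOException;
import java.io.OutputStreamWriter;
import java.io.PrintWriter;
import java.nio.charset.StandardCharsets;
import javax.net.ssl.SSLHandshakeException;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;

public class VerifiedChannelClient {
    // Placeholder endpoint (assumption); the original snippet leaves these undefined.
    static final String REMOTE_HOST = "server.example";
    static final int REMOTE_PORT = 8443;

    static void send(String data) throws IOException {
        // The default factory validates the chain against the JVM trust store.
        SSLSocketFactory factory = (SSLSocketFactory) SSLSocketFactory.getDefault();
        try (SSLSocket sock = (SSLSocket) factory.createSocket(REMOTE_HOST, REMOTE_PORT)) {
            SSLParameters params = sock.getSSLParameters();
            // A raw SSLSocket does not check that the certificate matches the
            // host name unless an endpoint identification algorithm is set.
            params.setEndpointIdentificationAlgorithm("HTTPS");
            params.setProtocols(new String[] {"TLSv1.3", "TLSv1.2"});
            sock.setSSLParameters(params);
            // Complete the handshake explicitly so a bad chain or a name
            // mismatch fails here, before a single byte of data is written.
            sock.startHandshake();
            PrintWriter out = new PrintWriter(
                new OutputStreamWriter(sock.getOutputStream(), StandardCharsets.UTF_8), true);
            out.println(data);
            // PrintWriter swallows I/O errors; surface them to the caller.
            if (out.checkError()) {
                throw new IOException("write to remote host failed");
            }
        }
    }

    public static void main(String[] args) {
        try {
            send("hello");
            System.out.println("sent over a verified TLS channel");
        } catch (SSLHandshakeException e) {
            System.err.println("peer identity not verified, nothing sent: " + e.getMessage());
        } catch (IOException e) {
            System.err.println("I/O error: " + e.getMessage());
        }
    }
}
```

This authenticates the server only; authenticating both ends, as the first mitigation asks, additionally requires the client to present its own certificate through a key manager configured on an `SSLContext`, with the server set to require it.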
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-40770 | Siemens SINEC Traffic Analyzer security vulnerability — SINEC Traffic Analyzer | 7.4 | High | 2025-08-12 |
| CVE-2025-54792 | LocalSend is Vulnerable to Man-in-the-Middle Attacks, Leading to File Interception — localsend | 6.8 | - | 2025-08-01 |
| CVE-2024-50568 | Fortinet FortiOS security vulnerability — FortiOS | 5.6 | Medium | 2025-06-10 |
| CVE-2025-20122 | Cisco Catalyst SD-WAN Manager Privilege Escalation Vulnerability — Cisco Catalyst SD-WAN Manager | 7.8 | High | 2025-05-07 |
| CVE-2024-50565 | Fortinet multiple products security vulnerability — FortiOS | 3.0 | Low | 2025-04-08 |
| CVE-2023-38272 | IBM Cloud Pak System information disclosure — Cloud Pak System | 5.9 | Medium | 2025-03-27 |
| CVE-2024-12602 | Huawei HarmonyOS security vulnerability — HarmonyOS | 6.2 | Medium | 2025-02-06 |
| CVE-2024-27263 | IBM Sterling B2B Integrator information disclosure — Sterling B2B Integrator | 5.3 | Medium | 2025-01-28 |
| CVE-2024-45407 | Sunshine has incorrect state management during pairing process may lead to incorrectly authorized client — Sunshine | 6.5 | Medium | 2024-09-10 |
| CVE-2024-32049 | BIG-IP Next Central Manager vulnerability — BIG-IP Next Central Manager | 7.4 | High | 2024-05-08 |
| CVE-2024-31206 | Use of Unencrypted HTTP Request in dectalk-tts — dectalk-tts | 8.2 | High | 2024-04-04 |
| CVE-2023-31004 | IBM Security Access Manager Container gain access — Security Verify Access Appliance | 8.3 | High | 2024-02-03 |
| CVE-2023-7008 | Systemd-resolved: unsigned name response in signed zone is not refused when dnssec=yes — Red Hat Enterprise Linux 8 | 5.9 | Medium | 2023-12-23 |
| CVE-2023-32634 | SoftEther VPN security vulnerability — SoftEther VPN | 7.8 | High | 2023-10-12 |
| CVE-2023-4885 | Multiple vulnerabilities in Open5GS — Open5GS | 6.5 | Medium | 2023-10-03 |
| CVE-2023-2310 | Channel Accessible by Non-Endpoint — SEL-3505 | 6.8 | Medium | 2023-05-10 |
| CVE-2021-27768 | An SSL certificate host verification vulnerability affects HCL Verse for Android — Verse for Android | 6.3 | Medium | 2022-05-12 |
| CVE-2021-21953 | Anker Eufy Homebase security vulnerability — Anker | 8.1 | - | 2021-12-22 |
| CVE-2021-41033 | Eclipse Equinox security vulnerability — Eclipse Equinox | 8.1 | - | 2021-09-13 |
| CVE-2021-32926 | Rockwell Automation Micro 1400 security vulnerability — Micro800, MicroLogix 1400 | 7.5 | - | 2021-06-03 |
| CVE-2021-22909 | Ubiquiti Networks EdgeRouter trust management issue vulnerability — EdgeMAX EdgeRouter | 8.1 | - | 2021-05-27 |
| CVE-2021-22890 | Haxx libcurl security vulnerability — https://github.com/curl/curl | 3.7 | - | 2021-04-01 |
| CVE-2020-10749 | Container Network Interface security vulnerability — containernetworking/plugins | 6.0 | Medium | 2020-06-03 |
| CVE-2020-11024 | Man-in-the-middle attack in Moonlight iOS/tvOS — Moonlight | 6.1 | Medium | 2020-04-29 |
| CVE-2019-3981 | MikroTik Winbox security vulnerability — WinBox | 3.7 | - | 2020-01-14 |
| CVE-2019-14899 | openvpn security vulnerability — VPN | 8.8 | - | 2019-12-11 |
| CVE-2019-5456 | Ubiquiti Networks UniFi Controller trust management issue vulnerability — UniFi | 6.8 | - | 2019-07-30 |
| CVE-2019-8282 | Gemalto Admin Control Center access control error vulnerability — Sentinel LDK RTE | 5.3 | - | 2019-06-07 |
| CVE-2019-3793 | Invitations Service supports HTTP connections — Apps Manager | 9.8 | - | 2019-04-24 |
| CVE-2018-13298 | Synology Android Moments permissions and access control issue vulnerability — Android Moments | 8.1 | - | 2019-04-01 |

Vulnerabilities classified as CWE-300 (Channel Accessible by Non-Endpoint (Man-in-the-Middle Attack)) represent 42 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.