Improper Enforcement of Message Integrity During Transmission in a Communication Channel
CWE-924
Overtime trend (NVD)
CVSS severity (NVD, All Time)
Short description
The product establishes a communication channel with an endpoint and receives a message from that endpoint, but it does not sufficiently ensure that the message was not modified during transmission.
Extended description
Attackers might be able to modify the message and spoof the endpoint by interfering with the data as it crosses the network or by redirecting the connection to a system under their control.