077 – ARP spoofing
Description
It is possible to supersede other MAC addresses in the network because the associated switch lacks protection mechanisms, such as PortSecurity.
Impact
- Steal sensitive information. - Facilitate other attacks such as Denial-of-Service DoS attacks, session hijacking and man-in-the-middle MitM attacks.
Recommendation
Set network controls (PortSecurity) in the affected switches.
Threat
Attacker from the Internet performing a MitM attack.
Expected Remediation Time
Score 4.0
Default score using CVSS 4.0. It may change depending on the context of the src.
Base 4.0
- Attack vector: A
- Attack complexity: H
- Attack Requirements: N
- Privileges required: L
- User interaction: N
- Confidentiality (VC): H
- Integrity (VI): H
- Availability (VA): L
- Confidentiality (SC): N
- Integrity (SI): N
- Availability (SA): N
Threat 4.0
- Exploit maturity: P