| http://www.w3.org/ns/prov#value | - The attacker can utilize a sniffer such as Wireshark to snapshot the credentials, such as username and password that are passed in the clear once SSL is terminated.Once the attacker gathers these credentials, they can submit requests to the web service provider just as authorized user do.
|
