protocol vulnerability