An attacker could attempt to fool a Client into using a less secure connection or deprecated security policy. This could be attempted by modifying a Discovery response to remove security options from the available endpoints.

Message suppression directly impacts Authentication and Authorization, but it can indirectly impact all security objectives.

See 5.1.15 for the reconciliation of this threat.