An attack in which an attacker is positioned between two communicating parties in order to intercept and/or alter data traveling between them. In the context of authentication, the attacker would be positioned between claimant and verifier, between registrant and CSP during enrollment, or between subscriber and CSP during authenticator binding.
Source(s):
NIST SP 1800-21B under Person (Man)-in-the-Middle Attack from NIST SP 800-63-3
NIST SP 800-63-3 under Man-in-the-Middle Attack (MitM)

  An attack where the adversary positions himself in between the user and the system so that he can intercept and alter data traveling between them.
Source(s):
NISTIR 7711 under Man-In-The-Middle

  A form of active wiretapping attack in which the attacker intercepts and selectively modifies communicated data to masquerade as one or more of the entities involved in a communication association.
Source(s):
CNSSI 4009-2015 [Superseded] from IETF RFC 4949 Ver 2

  An attack that occurs when an adversary deceives an SS/MS to appear as a legitimate BS while simultaneously deceiving a BS to appear as a legitimate SS/MS. This may allow an adversary to act as a pass-through for all communications and to inject malicious traffic into the communications stream.
Source(s):
NIST SP 800-127 [Withdrawn] under Man-in-the-middle (MITM)

  An attack on the authentication protocol run in which the Attacker positions himself or herself in between the Claimant and Verifier so that he can intercept and alter data traveling between them.
Source(s):
NIST SP 800-63-2 [Superseded] under Man-in-the-Middle Attack (MitM)