CWE-294 - Authentication Bypass by Capture-replay
CWE-294 High
- Abstraction:
- Base
- Structure:
- Simple
- Status:
- Incomplete
- Weakness Name
Authentication Bypass by Capture-replay
- Description
A capture-replay flaw exists when the design of the product makes it possible for a malicious user to sniff network traffic and bypass authentication by replaying it to the server in question to the same effect as the original message (or with minor changes).
Capture-replay attacks are common and can be difficult to defeat without cryptography. They are a subset of network injection attacks that rely on observing previously-sent valid commands, then changing them slightly if necessary and resending the same commands to the server.
- Common Consequences
Scope: Access Control
Impact: Gain Privileges or Assume Identity
Notes: Messages sent with a capture-relay attack allow access to resources which are not otherwise accessible without proper authentication.
- Related Weaknesses
- Release Date:
- 2006-07-19
- Latest Modification Date:
- 2023-06-29
Free security scan for your website