logo

CWE-294 - Authentication Bypass by Capture-replay

CWE-294 High

  • Abstraction:
  • Base
  • Structure:
  • Simple
  • Status:
  • Incomplete
Weakness Name

Authentication Bypass by Capture-replay

Description

A capture-replay flaw exists when the design of the product makes it possible for a malicious user to sniff network traffic and bypass authentication by replaying it to the server in question to the same effect as the original message (or with minor changes).

Capture-replay attacks are common and can be difficult to defeat without cryptography. They are a subset of network injection attacks that rely on observing previously-sent valid commands, then changing them slightly if necessary and resending the same commands to the server.

Common Consequences

Scope: Access Control

Impact: Gain Privileges or Assume Identity

Notes: Messages sent with a capture-relay attack allow access to resources which are not otherwise accessible without proper authentication.

Related Weaknesses
  • Release Date:
  • 2006-07-19
  • Latest Modification Date:
  • 2023-06-29

Free security scan for your website