Statements (19)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf |
gptkb:Common_Weakness_Enumeration
|
| gptkbp:category |
Security vulnerability
|
| gptkbp:citation |
https://cwe.mitre.org/data/definitions/294.html
|
| gptkbp:describes |
A weakness where an attacker can bypass authentication by replaying previously captured authentication messages
|
| gptkbp:foundIn |
Network protocols
Web applications |
| https://www.w3.org/2000/01/rdf-schema#label |
CWE-294
|
| gptkbp:impact |
Allows unauthorized access
|
| gptkbp:mitigatedBy |
Implement challenge-response authentication
Use of nonces or timestamps to prevent replay |
| gptkbp:name |
Authentication Bypass by Capture-replay
|
| gptkbp:partOf |
gptkb:CWE_(Common_Weakness_Enumeration)
|
| gptkbp:relatedTo |
Authentication
Replay attack |
| gptkbp:vulnerableTo |
294
|
| gptkbp:bfsParent |
gptkb:CVE-2017-13081
gptkb:CVE-2017-13085 gptkb:CVE-2017-13087 |
| gptkbp:bfsLayer |
7
|