CWE-294

GPTKB entity

Statements (19)
Predicate Object
gptkbp:instanceOf gptkb:Common_Weakness_Enumeration
gptkbp:category Security vulnerability
gptkbp:citation https://cwe.mitre.org/data/definitions/294.html
gptkbp:describes A weakness where an attacker can bypass authentication by replaying previously captured authentication messages
gptkbp:foundIn Network protocols
Web applications
https://www.w3.org/2000/01/rdf-schema#label CWE-294
gptkbp:impact Allows unauthorized access
gptkbp:mitigatedBy Implement challenge-response authentication
Use of nonces or timestamps to prevent replay
gptkbp:name Authentication Bypass by Capture-replay
gptkbp:partOf gptkb:CWE_(Common_Weakness_Enumeration)
gptkbp:relatedTo Authentication
Replay attack
gptkbp:vulnerableTo 294
gptkbp:bfsParent gptkb:CVE-2017-13081
gptkb:CVE-2017-13085
gptkb:CVE-2017-13087
gptkbp:bfsLayer 7