Authentication Bypass by Capture-replay

CWE-294

Overtime trend (NVD)

CVSS severity (NVD, All Time)

Per technology (GHSA, All time)

35%-Go
21%-Composer
21%-Pip
21%-Others

Short description

A capture-replay flaw exists when the design of the product makes it possible for a malicious user to sniff network traffic and bypass authentication by replaying it to the server in question to the same effect as the original message (or with minor changes).

Extended description

Capture-replay attacks are common and can be difficult to defeat without cryptography. They are a subset of network injection attacks that rely on observing previously-sent valid commands, then changing them slightly if necessary and resending the same commands to the server.

Best practices to prevent this CWE

Phase: Architecture and Design

Utilize some sequence or time stamping functionality along with a checksum which takes this into account in order to ensure that messages can be parsed only once.

Phase: Architecture and Design

Since any attacker who can listen to traffic can see sequence numbers, it is necessary to sign messages with some kind of cryptography to ensure that sequence numbers are not simply doctored along with content.

Recently published CVEs

CVE-2024-38284
CVE-2024-34065
CVE-2024-4009
CVE-2024-29901
CVE-2023-6374

Recently published GHSA

GHSA-wrvh-rcmr-9qfc
GHSA-35w3-6qhc-474v
GHSA-4x5h-xmv4-99wx
GHSA-4cr4-x82x-hwm9
GHSA-hwj7-frgj-7829

Prioritize and Uncover Reachable Vulnerabilities in Your Application Code

Identify externally reachable data flows and vulnerabilities for effective risk mitigation

Get a Demo