CWE-294 234 個 CVE MITRE 定義 ↗

CWE-294:Authentication Bypass by Capture-replay

概覽

CWE-294(Authentication Bypass by Capture-replay)描述一種在漏洞資料庫與安全評估中使用的弱點類型;定義、背景與對應 CVE 見下方各節。

安全影響
安全影響:因產品與情境而異;請結合 CVE 紀錄、嚴重度評分與 MITRE 說明進行優先級判斷。

描述

A capture-replay flaw exists when the design of the product makes it possible for a malicious user to sniff network traffic and bypass authentication by replaying it to the server in question to the same effect as the original message (or with minor changes).

適用平台

類型 名稱 普遍性 OS / CPE
language Not Language-Specific Undetermined

本庫相關 CVE

下列 CVE 在本庫中對應到該弱點,並保留以便追溯與檢索。

CVE 公開時間 摘要
CVE-2026-57574 2026-07-10 Misskey is an open source, federated social media platform. Prior to 2026.6.0, Misskey contains a vulnerability in Time-based One-Time Password (TOTP) authentication in UserAuthService where insuffici…
CVE-2026-55370 2026-07-10 Logto is the modern, open-source auth infrastructure for SaaS and AI apps. Prior to 1.41.0, Logto's existing TOTP verification accepted a successfully used TOTP code again while the code remained insi…
CVE-2026-28564 2026-07-10 Insufficient Session Expiration, Authentication Bypass by Capture-replay vulnerability in Apache IoTDB. REST Basic Authentication Accepts Stale Cached Credentials This issue affects Apache IoTDB: fr…
CVE-2026-51597 2026-07-09 MERCURY MIPC252W IP camera v1.0.5 Build 230306 Rel.79931n does not implement nonce expiration in RTSP Digest authentication. An adjacent network attacker can capture a legitimate authentication exchan…
CVE-2026-54783 2026-07-08 CoreWCF is a port of the service side of Windows Communication Foundation (WCF) to .NET Core. Prior to 1.8.1 and 1.9.1, CoreWCF WS-Security endorsing and supporting signature verification does not ens…
CVE-2026-54779 2026-07-08 CoreWCF is a port of the service side of Windows Communication Foundation (WCF) to .NET Core. Prior to 1.8.1 and 1.9.1, CoreWCF SAML token replay protection is inoperative because DefaultTokenReplayCa…
CVE-2026-26232 2026-07-03 Gitea versions before 1.25.5 do not consistently enforce OAuth2 authorization code expiry and single-use behavior during token exchange.
CVE-2026-20779 2026-07-03 Gitea versions from 1.5.0 before 1.26.3 have a TOTP single-use enforcement defect that allows a valid TOTP code to be accepted more than once across web two-factor authentication flows and the Basic A…
CVE-2026-8927 2026-07-03 When reusing a libcurl handle for sequential transfers driven by environment-variable proxy configuration, libcurl fails to clear the proxy authentication state between requests. Specifically, if the …
CVE-2026-11856 2026-07-03 Successfully using libcurl to do a transfer to a specific HTTP origin (`hostA`) with **Digest** authentication and then changing the origin to a different one (`hostB`) for a second transfer, reusing …
CVE-2026-44946 2026-06-30 A SAML authentication replay vulnerability in Rancher's Assertion Consumer Service (ACS) handler did not enforce one-time use of SAML assertion, potentially allowing person in the middle attacks aga…
CVE-2026-49319 2026-06-25 Remote Keyless Entry System (RKES), using the 433 MHz key fob bearing FCC ID CWTR53R0 manufactured by ALPS ALPINE CO., LTD., is vulnerable to a roll-back attack against its rolling-code authentication…
CVE-2026-56130 2026-06-25 "Remember me" cookie age is not verified on the server. This potentially allows an attacker to intercept a valid cookie and reuse it indefinitely, even after the configured expiration time has passed.…
CVE-2026-55759 2026-06-24 Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.1, 8.4.4, 8.3.6, 8.2.6, 8.1.6, 8.0.7, and 7.10.13, Rocket.Chat's Apple Sign-In handler verifies JWT sign…
CVE-2023-33854 2026-06-22 IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data versions 4.8, 5.0, 5.1, 5.2, and 5.3 could allow an authenticated user to bypass client-side validation and manipulate input data …
CVE-2026-47341 2026-06-19 Authentication Bypass by Capture-replay vulnerability in Apache APISIX. Attacker can benefit from certain configurations in hmac-auth to re-use a token forever, bypassing expiry. This issue affects A…
CVE-2026-34021 2026-06-15 The Wertheim SafeController 5400, Controller 5400 - AssemblyVersion 6.11.8130.22320, uses RS-485 communication between the server and the microcontroller without cryptographic protection. An attacker …
CVE-2026-41000 2026-06-11 Wss4jSecurityInterceptor did not consistently wire Apache WSS4J ReplayCache instances into RequestData for validation-time checks. As a result, protections against replay of UsernameToken nonces and c…
CVE-2026-49322 2026-05-29 Weak authentication in the Wireless Control Module (WCM) of the Indian Motorcycle Scout Bobber + Tech 2025 model year allows an adjacent-network attacker with read access to the in-vehicle network to …
CVE-2026-9095 2026-05-28 Casdoor versions 2.362.0 and earlier map SAML assertions to user sessions without replay protection. The ParseSamlResponse() function in object/saml_sp.go calls sp.RetrieveAssertionInfo() and immediat…

內容提交

名稱
PLOVER
日期
2006-07-19
版本
Draft 3

內容修訂

日期 名稱 版本 重要性 評論
2008-09-08 CWE Content Team 1.0 updated Common_Consequences, Relationships, Other_Notes, Taxonomy_Mappings
2009-05-27 CWE Content Team 1.4 updated Related_Attack_Patterns
2009-07-27 CWE Content Team 1.5 updated Description, Other_Notes, Potential_Mitigations
2009-10-29 CWE Content Team 1.6 updated Observed_Examples
2011-06-01 CWE Content Team 1.13 updated Common_Consequences, Demonstrative_Examples
2012-05-11 CWE Content Team 2.2 updated Observed_Examples, Relationships
2014-07-30 CWE Content Team 2.8 updated Relationships
2017-05-03 CWE Content Team 2.11 updated Relationships
2017-11-08 CWE Content Team 3.0 updated Applicable_Platforms, Modes_of_Introduction, Relationships
2019-06-20 CWE Content Team 3.3 updated Relationships
2020-02-24 CWE Content Team 4.0 updated References, Relationships
2020-08-20 CWE Content Team 4.2 updated Related_Attack_Patterns
2021-10-28 CWE Content Team 4.6 updated Relationships
2022-10-13 CWE Content Team 4.9 updated Relationships
2023-01-31 CWE Content Team 4.10 updated Description, Related_Attack_Patterns
2023-04-27 CWE Content Team 4.11 updated Relationships
2023-06-29 CWE Content Team 4.12 updated Mapping_Notes
2025-12-11 CWE Content Team 4.19 updated Relationships, Weakness_Ordinalities
cvelogic Threat Intelligence