Vulnerabilities > Authentication Bypass by Capture-replay

DATE CVE VULNERABILITY TITLE RISK
2021-02-08 CVE-2021-25835 Authentication Bypass BY Capture-Replay vulnerability in Chainsafe Ethermint
Cosmos Network Ethermint <= v0.4.0 is affected by a cross-chain transaction replay vulnerability in the EVM module.
network
low complexity
chainsafe CWE-294
5.0
2021-02-08 CVE-2021-25834 Authentication Bypass BY Capture-Replay vulnerability in Chainsafe Ethermint
Cosmos Network Ethermint <= v0.4.0 is affected by a transaction replay vulnerability in the EVM module.
network
low complexity
chainsafe CWE-294
5.0
2021-01-19 CVE-2020-27269 Authentication Bypass BY Capture-Replay vulnerability in Sooil products
In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, the communication protocol of the insulin pump and its AnyDana-i and AnyDana-A mobile applications lacks replay protection measures, which allows unauthenticated, physically proximate attackers to replay communication sequences via Bluetooth Low Energy.
2.9
2020-12-18 CVE-2020-26172 Authentication Bypass BY Capture-Replay vulnerability in Tangro Business Workflow
Every login in tangro Business Workflow before 1.18.1 generates the same JWT token, which allows an attacker to reuse the token when a session is active.
network
low complexity
tangro CWE-294
6.4
2020-12-18 CVE-2020-35551 Authentication Bypass BY Capture-Replay vulnerability in Google Android
An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (Exynos chipsets) software.
network
low complexity
google CWE-294
7.5
2020-12-15 CVE-2020-14302 Authentication Bypass BY Capture-Replay vulnerability in Redhat Keycloak
A flaw was found in Keycloak before 13.0.0 where an external identity provider, after successful authentication, redirects to a Keycloak endpoint that accepts multiple invocations with the use of the same "state" parameter.
network
low complexity
redhat CWE-294
4.0
2020-12-14 CVE-2020-25229 Authentication Bypass BY Capture-Replay vulnerability in Siemens Logo! 8 BM Firmware
A vulnerability has been identified in LOGO! 8 BM (incl.
network
low complexity
siemens CWE-294
5.0
2020-11-23 CVE-2020-25660 Authentication Bypass BY Capture-Replay vulnerability in multiple products
A flaw was found in the Cephx authentication protocol in versions before 15.2.6 and before 14.2.14, where it does not verify Ceph clients correctly and is then vulnerable to replay attacks in Nautilus.
low complexity
redhat fedoraproject CWE-294
5.8
2020-11-18 CVE-2020-13799 Authentication Bypass BY Capture-Replay vulnerability in Westerndigital products
Western Digital has identified a security vulnerability in the Replay Protected Memory Block (RPMB) protocol as specified in multiple standards for storage device interfaces, including all versions of eMMC, UFS, and NVMe.
local
low complexity
westerndigital CWE-294
4.6
2020-11-12 CVE-2020-12355 Authentication Bypass BY Capture-Replay vulnerability in Intel Trusted Execution Engine 3.0/3.1.75/4.0.25
Authentication bypass by capture-replay in RPMB protocol message authentication subsystem in Intel(R) TXE versions before 4.0.30 may allow an unauthenticated user to potentially enable escalation of privilege via physical access.
local
low complexity
intel CWE-294
4.6