Vulnerabilities > Authentication Bypass by Capture-replay
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-22 | CVE-2023-33281 | Authentication Bypass by Capture-replay vulnerability in Nissan Sylphy Classic 2021 Firmware The remote keyfob system on Nissan Sylphy Classic 2021 sends the same RF signal for each door-open request, which allows for a replay attack. | 6.5 |
| 2023-04-21 | CVE-2022-47930 | Authentication Bypass by Capture-replay vulnerability in Iofinnet Tss-Lib An issue was discovered in IO FinNet tss-lib before 2.0.0. | 6.8 |
| 2023-04-05 | CVE-2023-20123 | Authentication Bypass by Capture-replay vulnerability in Cisco DUO and DUO Authentication for Windows Logon and RDP A vulnerability in the offline access mode of Cisco Duo Two-Factor Authentication for macOS and Duo Authentication for Windows Logon and RDP could allow an unauthenticated, physical attacker to replay valid user session credentials and gain unauthorized access to an affected macOS or Windows device. | 4.6 |
| 2023-04-05 | CVE-2023-1886 | Authentication Bypass by Capture-replay vulnerability in PHPmyfaq Authentication Bypass by Capture-replay in GitHub repository thorsten/phpmyfaq prior to 3.1.12. | 9.8 |
| 2023-03-21 | CVE-2023-1537 | Authentication Bypass by Capture-replay vulnerability in Answer Authentication Bypass by Capture-replay in GitHub repository answerdev/answer prior to 1.0.6. | 9.8 |
| 2023-03-14 | CVE-2023-23397 | Authentication Bypass by Capture-replay vulnerability in Microsoft 365 Apps, Office and Outlook Microsoft Outlook Elevation of Privilege Vulnerability | 9.8 |
| 2023-01-31 | CVE-2022-45789 | Authentication Bypass by Capture-replay vulnerability in Schneider-Electric products A CWE-294: Authentication Bypass by Capture-replay vulnerability exists that could cause execution of unauthorized Modbus functions on the controller when hijacking an authenticated Modbus session. | 9.8 |
| 2023-01-20 | CVE-2022-43704 | Authentication Bypass by Capture-replay vulnerability in Sinilink Xy-Wft1 Firmware 1.3.6 The Sinilink XY-WFT1 WiFi Remote Thermostat, running firmware 1.3.6, allows an attacker to bypass the intended requirement to communicate using MQTT. | 5.9 |
| 2023-01-10 | CVE-2023-0014 | Authentication Bypass by Capture-replay vulnerability in SAP products SAP NetWeaver ABAP Server and ABAP Platform - versions SAP_BASIS 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, KERNEL 7.22, 7.53, 7.77, 7.81, 7.85, 7.89, KRNL64UC 7.22, 7.22EXT, 7.53, KRNL64NUC 7.22, 7.22EXT, creates information about system identity in an ambiguous format. | 9.8 |
| 2023-01-09 | CVE-2023-0035 | Authentication Bypass by Capture-replay vulnerability in Openharmony softbus_client_stub in communication subsystem within OpenHarmony-v3.0.5 and prior versions has an authentication bypass vulnerability which allows an "SA relay attack".Local attackers can bypass authentication and attack other SAs with high privilege. | 7.8 |