Vulnerabilities > Authentication Bypass by Capture-replay
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-12-18 | CVE-2020-26172 | Authentication Bypass by Capture-replay vulnerability in Tangro Business Workflow 1.17.5 Every login in tangro Business Workflow before 1.18.1 generates the same JWT token, which allows an attacker to reuse the token when a session is active. | 6.5 |
| 2020-12-18 | CVE-2020-35551 | Authentication Bypass by Capture-replay vulnerability in Google Android An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (Exynos chipsets) software. | 9.8 |
| 2020-12-15 | CVE-2020-14302 | Authentication Bypass by Capture-replay vulnerability in Redhat Keycloak A flaw was found in Keycloak before 13.0.0 where an external identity provider, after successful authentication, redirects to a Keycloak endpoint that accepts multiple invocations with the use of the same "state" parameter. | 4.9 |
| 2020-11-18 | CVE-2020-13799 | Authentication Bypass by Capture-replay vulnerability in multiple products Western Digital has identified a security vulnerability in the Replay Protected Memory Block (RPMB) protocol as specified in multiple standards for storage device interfaces, including all versions of eMMC, UFS, and NVMe. | 6.8 |
| 2020-11-12 | CVE-2020-12355 | Authentication Bypass by Capture-replay vulnerability in Intel Trusted Execution Engine Authentication bypass by capture-replay in RPMB protocol message authentication subsystem in Intel(R) TXE versions before 4.0.30 may allow an unauthenticated user to potentially enable escalation of privilege via physical access. | 6.8 |
| 2020-10-15 | CVE-2020-27157 | Authentication Bypass by Capture-replay vulnerability in Veritas Aptare 10.4 Veritas APTARE versions prior to 10.5 included code that bypassed the normal login process when specific authentication credentials were provided to the server. | 8.1 |
| 2020-10-07 | CVE-2020-24722 | Authentication Bypass by Capture-replay vulnerability in Exposure Notifications Project Exposure Notifications 20201005 An issue was discovered in the GAEN (aka Google/Apple Exposure Notifications) protocol through 2020-10-05, as used in COVID-19 applications on Android and iOS. | 5.9 |
| 2020-08-21 | CVE-2019-11856 | Authentication Bypass by Capture-replay vulnerability in Sierrawireless Aleos A nonce reuse vulnerability exists in the ACEView service of ALEOS before 4.13.0, 4.9.5, and 4.4.9 allowing message replay. | 3.8 |
| 2020-07-23 | CVE-2020-15688 | Authentication Bypass by Capture-replay vulnerability in Embedthis Goahead The HTTP Digest Authentication in the GoAhead web server before 5.1.2 does not completely protect against replay attacks. | 8.8 |
| 2020-07-14 | CVE-2020-10045 | Authentication Bypass by Capture-replay vulnerability in Siemens products A vulnerability has been identified in SICAM MMU (All versions < V2.05), SICAM SGU (All versions), SICAM T (All versions < V2.18). | 8.8 |