Filtered by CWE-294
Filtered by vendor Subscriptions
Total 160 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-46892 1 Meross 2 Msh30q, Msh30q Firmware 2024-11-21 8.8 High
The radio frequency communication protocol being used by Meross MSH30Q 4.5.23 is vulnerable to replay attacks, allowing attackers to record and replay previously captured communication to execute unauthorized commands or actions (e.g., thermostat's temperature).
CVE-2023-45794 1 Siemens 1 Mendix 2024-11-21 6.8 Medium
A vulnerability has been identified in Mendix Applications using Mendix 10 (All versions < V10.4.0), Mendix Applications using Mendix 7 (All versions < V7.23.37), Mendix Applications using Mendix 8 (All versions < V8.18.27), Mendix Applications using Mendix 9 (All versions < V9.24.10). A capture-replay flaw in the platform could have an impact to apps built with the platform, if certain preconditions are met that depend on the app's model and access control design. This could allow authenticated attackers to access or modify objects without proper authorization, or escalate privileges in the context of the vulnerable app.
CVE-2023-41890 1 Sustainsys 1 Saml2 2024-11-21 7.5 High
Sustainsys.Saml2 library adds SAML2P support to ASP.NET web sites, allowing the web site to act as a SAML2 Service Provider. Prior to versions 1.0.3 and 2.9.2, when a response is processed, the issuer of the Identity Provider is not sufficiently validated. This could allow a malicious identity provider to craft a Saml2 response that is processed as if issued by another identity provider. It is also possible for a malicious end user to cause stored state intended for one identity provider to be used when processing the response from another provider. An application is impacted if they rely on any of these features in their authentication/authorization logic: the issuer of the generated identity and claims; or items in the stored request state (AuthenticationProperties). This issue is patched in versions 2.9.2 and 1.0.3. The `AcsCommandResultCreated` notification can be used to add the validation required if an upgrade to patched packages is not possible.
CVE-2023-39373 1 Hyundai 2 Hyundai 2017, Hyundai 2017 Firmware 2024-11-21 7.4 High
 A Hyundai model (2017) - CWE-294: Authentication Bypass by Capture-replay.
CVE-2023-36857 1 Bakerhughes 2 Bentley Nevada 3500 System, Bentley Nevada 3500 System Firmware 2024-11-21 5.4 Medium
Baker Hughes – Bently Nevada 3500 System TDI Firmware version 5.05 contains a replay vulnerability which could allow an attacker to replay older captured packets of traffic to the device to gain access.
CVE-2023-34625 1 Showmojo 2 Mojobox, Mojobox Firmware 2024-11-21 8.1 High
ShowMojo MojoBox Digital Lockbox 1.4 is vulnerable to Authentication Bypass. The implementation of the lock opening mechanism via Bluetooth Low Energy (BLE) is vulnerable to replay attacks. A malicious user is able to intercept BLE requests and replicate them to open the lock at any time. Alternatively, an attacker with physical access to the device on which the Android app is installed, can obtain the latest BLE messages via the app logs and use them for opening the lock.
CVE-2023-33621 1 Gl-inet 2 Gl-ar750s, Gl-ar750s Firmware 2024-11-21 5.9 Medium
GL.iNET GL-AR750S-Ext firmware v3.215 inserts the admin authentication token into a GET request when the OpenVPN Server config file is downloaded. The token is then left in the browser history or access logs, potentially allowing attackers to bypass authentication via session replay.
CVE-2023-33281 1 Nissan 2 Sylphy Classic 2021, Sylphy Classic 2021 Firmware 2024-11-21 6.5 Medium
The remote keyfob system on Nissan Sylphy Classic 2021 sends the same RF signal for each door-open request, which allows for a replay attack. NOTE: the vendor's position is that this cannot be reproduced with genuine Nissan parts: for example, the combination of keyfob and door handle shown in the exploit demonstration does not match any technology that Nissan provides to customers.
CVE-2023-31763 1 Agshome Smart Alarm Project 2 Agshome Smart Alarm, Agshome Smart Alarm Firmware 2024-11-21 7.5 High
Weak security in the transmitter of AGShome Smart Alarm v1.0 allows attackers to gain full access to the system via a code replay attack.
CVE-2023-31762 1 Mydigoo 2 Dg-hamb, Dg-hamb Firmware 2024-11-21 7.5 High
Weak security in the transmitter of Digoo DG-HAMB Smart Home Security System v1.0 allows attackers to gain full access to the system via a code replay attack.
CVE-2023-31761 1 Blitzwolf 2 Bw-is22, Bw-is22 Firmware 2024-11-21 7.5 High
Weak security in the transmitter of Blitzwolf BW-IS22 Smart Home Security Alarm v1.0 allows attackers to gain full access to the system via a code replay attack.
CVE-2023-31759 1 Keruistore 2 Kerui W18, Kerui W18 Firmware 2024-11-21 7.5 High
Weak Security in the 433MHz keyfob of Kerui W18 Alarm System v1.0 allows attackers to gain full access via a code replay attack.
CVE-2023-30909 2 Hp, Hpe 3 Oneview, Oneview, Oneview Global Dashboard 2024-11-21 9.8 Critical
A remote authentication bypass issue exists in some OneView APIs.
CVE-2023-2846 1 Mitsubishielectric 300 Fx3g-14mr\/ds, Fx3g-14mr\/ds Firmware, Fx3g-14mr\/es and 297 more 2024-11-21 7.5 High
Authentication Bypass by Capture-replay vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series main modules allows a remote unauthenticated attacker to cancel the password/keyword setting and login to the affected products by sending specially crafted packets.
CVE-2023-23397 1 Microsoft 4 365 Apps, Office, Office Long Term Servicing Channel and 1 more 2024-11-21 9.8 Critical
Microsoft Outlook Elevation of Privilege Vulnerability
CVE-2023-20900 7 Debian, Fedoraproject, Linux and 4 more 12 Debian Linux, Fedora, Linux Kernel and 9 more 2024-11-21 7.1 High
A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html  in a target virtual machine may be able to elevate their privileges if that target virtual machine has been assigned a more privileged Guest Alias https://vdc-download.vmware.com/vmwb-repository/dcr-public/d1902b0e-d479-46bf-8ac9-cee0e31e8ec0/07ce8dbd-db48-4261-9b8f-c6d3ad8ba472/vim.vm.guest.AliasManager.html .
CVE-2023-20123 1 Cisco 2 Duo, Duo Authentication For Windows Logon And Rdp 2024-11-21 6.3 Medium
A vulnerability in the offline access mode of Cisco Duo Two-Factor Authentication for macOS and Duo Authentication for Windows Logon and RDP could allow an unauthenticated, physical attacker to replay valid user session credentials and gain unauthorized access to an affected macOS or Windows device. This vulnerability exists because session credentials do not properly expire. An attacker could exploit this vulnerability by replaying previously used multifactor authentication (MFA) codes to bypass MFA protection. A successful exploit could allow the attacker to gain unauthorized access to the affected device.
CVE-2023-1886 1 Phpmyfaq 1 Phpmyfaq 2024-11-21 7.3 High
Authentication Bypass by Capture-replay in GitHub repository thorsten/phpmyfaq prior to 3.1.12.
CVE-2023-1537 1 Answer 1 Answer 2024-11-21 9.8 Critical
Authentication Bypass by Capture-replay in GitHub repository answerdev/answer prior to 1.0.6.
CVE-2023-0036 1 Openatom 1 Openharmony 2024-11-21 6.5 Medium
platform_callback_stub in misc subsystem within OpenHarmony-v3.0.5 and prior versions has an authentication bypass vulnerability which allows an "SA relay attack".Local attackers can bypass authentication and attack other SAs with high privilege.