CWE-301 – Reflection Attack in an Authentication Protocol
Description Simple authentication protocols are subject to reflection attacks if a malicious user can use the target machine to impersonate a trusted user. Modes of...
CWE-294 – Authentication Bypass by Capture-replay
Description A capture-replay flaw exists when the design of the software makes it possible for a malicious user to sniff network traffic and bypass authentication...