ByteOS Network

CAPEC-645:Use of Captured Tickets (Pass The Ticket)

Attack Pattern ID:645

Version:v3.9

Attack Pattern Name:Use of Captured Tickets (Pass The Ticket)

Abstraction:Detailed

Status:Stable

Likelihood of Attack:Low

Typical Severity:High

Details Content History Related Weaknesses Reports

3Weaknesses found

CWE-294

Authentication Bypass by Capture-replay

View Details

Authentication Bypass by Capture-replay

Likelihood of Exploit-High

Mapping-Allowed

Abstraction-Base

Found in177CVEs

A capture-replay flaw exists when the design of the product makes it possible for a malicious user to sniff network traffic and bypass authentication by replaying it to the server in question to the same effect as the original message (or with minor changes).

Impacts-

Gain Privileges or Assume Identity

Tags-

High exploit Gain Privileges or Assume Identity (impact)

As Seen In-

CWE Cross-section

CWE-308

Use of Single-factor Authentication

View Details

Use of Single-factor Authentication

Likelihood of Exploit-High

Mapping-Allowed

Abstraction-Base

Found in7CVEs

The use of single-factor authentication can lead to unnecessary risk of compromise when compared with the benefits of a dual-factor authentication scheme.

Impacts-

Bypass Protection Mechanism

Tags-

High exploit Bypass Protection Mechanism (impact)

As Seen In-

CWE Cross-section

CWE-522

Insufficiently Protected Credentials

View Details

Insufficiently Protected Credentials

Likelihood of Exploit-Not Available

Mapping-Allowed-with-Review

Abstraction-Class

Found in1192CVEs

The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

Impacts-

Gain Privileges or Assume Identity

Tags-

ICS/OT (technology class)Gain Privileges or Assume Identity (impact)

As Seen In-

2021 CWE Top 25 Most Dangerous Software 2020 CWE Top 25 Most Dangerous Software CWE Cross-section