Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CAPEC-90:Reflection Attack in Authentication Protocol
Attack Pattern ID:90
Version:v3.9
Attack Pattern Name:Reflection Attack in Authentication Protocol
Abstraction:Standard
Status:Draft
Likelihood of Attack:High
Typical Severity:High
DetailsContent HistoryRelated WeaknessesReports
2Weaknesses found
CWE-301
Reflection Attack in an Authentication Protocol
ShareView Details
Reflection Attack in an Authentication Protocol
Likelihood of Exploit-Medium
Mapping-Allowed
Abstraction-Base
Found in1CVEs

Simple authentication protocols are subject to reflection attacks if a malicious user can use the target machine to impersonate a trusted user.

Impacts-
Gain Privileges or Assume Identity
Tags-
Medium exploitGain Privileges or Assume Identity (impact)
As Seen In-
CWE Cross-section
CWE-303
Incorrect Implementation of Authentication Algorithm
ShareView Details
Incorrect Implementation of Authentication Algorithm
Likelihood of Exploit-Not Available
Mapping-Allowed
Abstraction-Base
Found in59CVEs

The requirements for the product dictate the use of an established authentication algorithm, but the implementation of the algorithm is incorrect.

Impacts-
Bypass Protection Mechanism
Tags-
Bypass Protection Mechanism (impact)
As Seen In-
Not Available