Total
147 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-12692 | 2 Canonical, Openstack | 2 Ubuntu Linux, Keystone | 2024-02-28 | 5.5 MEDIUM | 5.4 MEDIUM |
An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. The EC2 API doesn't have a signature TTL check for AWS Signature V4. An attacker can sniff the Authorization header, and then use it to reissue an OpenStack token an unlimited number of times. | |||||
CVE-2020-10045 | 1 Siemens | 6 Sicam Mmu, Sicam Mmu Firmware, Sicam Sgu and 3 more | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
A vulnerability has been identified in SICAM MMU (All versions < V2.05), SICAM SGU (All versions), SICAM T (All versions < V2.18). An error in the challenge-response procedure could allow an attacker to replay authentication traffic and gain access to protected areas of the web application. | |||||
CVE-2020-6972 | 1 Honeywell | 1 Notifier Webserver | 2024-02-28 | 6.4 MEDIUM | 9.1 CRITICAL |
In Notifier Web Server (NWS) Version 3.50 and earlier, the Honeywell Fire Web Server’s authentication may be bypassed by a capture-replay attack from a web browser. | |||||
CVE-2020-5261 | 1 Sustainsys | 1 Saml2 | 2024-02-28 | 4.9 MEDIUM | 6.8 MEDIUM |
Saml2 Authentication services for ASP.NET (NuGet package Sustainsys.Saml2) greater than 2.0.0, and less than version 2.5.0 has a faulty implementation of Token Replay Detection. Token Replay Detection is an important defence in depth measure for Single Sign On solutions. The 2.5.0 version is patched. Note that version 1.0.1 is not affected. It has a correct Token Replay Implementation and is safe to use. Saml2 Authentication services for ASP.NET (NuGet package Sustainsys.Saml2) greater than 2.0.0, and less than version 2.5.0 have a faulty implementation of Token Replay Detection. Token Replay Detection is an important defense measure for Single Sign On solutions. The 2.5.0 version is patched. Note that version 1.0.1 and prior versions are not affected. These versions have a correct Token Replay Implementation and are safe to use. | |||||
CVE-2019-11856 | 1 Sierrawireless | 13 Airlink Es440, Airlink Es450, Airlink Gx400 and 10 more | 2024-02-28 | 5.5 MEDIUM | 3.8 LOW |
A nonce reuse vulnerability exists in the ACEView service of ALEOS before 4.13.0, 4.9.5, and 4.4.9 allowing message replay. Captured traffic to the ACEView service can be replayed to other gateways sharing the same credentials. | |||||
CVE-2019-13533 | 1 Omron | 2 Plc Cj Firmware, Plc Cs Firmware | 2024-02-28 | 6.8 MEDIUM | 8.1 HIGH |
In Omron PLC CJ series, all versions, and Omron PLC CS series, all versions, an attacker could monitor traffic between the PLC and the controller and replay requests that could result in the opening and closing of industrial valves. | |||||
CVE-2019-18226 | 1 Honeywell | 128 H2w2gr1, H2w2gr1 Firmware, H2w2pc1m and 125 more | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
Honeywell equIP series and Performance series IP cameras and recorders, A vulnerability exists in the affected products where IP cameras and recorders have a potential replay attack vulnerability as a weak authentication method is retained for compatibility with legacy products. | |||||
CVE-2020-10185 | 1 Yubico | 1 Yubikey One Time Password Validation Server | 2024-02-28 | 6.8 MEDIUM | 8.6 HIGH |
The sync endpoint in YubiKey Validation Server before 2.40 allows remote attackers to replay an OTP. NOTE: this issue is potentially relevant to persons outside Yubico who operate a self-hosted OTP validation service with a non-default configuration such as an open sync pool; the issue does NOT affect YubiCloud. | |||||
CVE-2019-12393 | 1 Anviz | 1 Management System | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
Anviz access control devices are vulnerable to replay attacks which could allow attackers to intercept and replay open door requests. | |||||
CVE-2013-1351 | 1 Veraxsystems | 1 Network Management System | 2024-02-28 | 4.3 MEDIUM | 5.9 MEDIUM |
Verax NMS prior to 2.10 allows authentication via the encrypted password without knowing the cleartext password. | |||||
CVE-2019-12887 | 1 Keyidentity | 1 Linotp | 2024-02-28 | 6.8 MEDIUM | 8.1 HIGH |
KeyIdentity LinOTP before 2.10.5.3 has Incorrect Access Control (issue 1 of 2). | |||||
CVE-2019-9158 | 1 Gemalto | 1 Ezio Ds3 Server | 2024-02-28 | 2.7 LOW | 5.7 MEDIUM |
Gemalto DS3 Authentication Server 2.6.1-SP01 has Broken Access Control. | |||||
CVE-2019-3915 | 1 Verizon | 2 Fios Quantum Gateway G1100, Fios Quantum Gateway G1100 Firmware | 2024-02-28 | 5.4 MEDIUM | 7.5 HIGH |
Authentication Bypass by Capture-replay vulnerability in Verizon Fios Quantum Gateway (G1100) firmware version 02.01.00.05 allows an unauthenticated attacker with adjacent network access to intercept and replay login requests to gain access to the administrative web interface. | |||||
CVE-2018-15498 | 1 Ysoft | 2 Safeq Server, Safeq Server Client | 2024-02-28 | 6.8 MEDIUM | 8.1 HIGH |
YSoft SafeQ Server 6 allows a replay attack. | |||||
CVE-2019-5307 | 1 Huawei | 4 P30, P30 Firmware, P30 Pro and 1 more | 2024-02-28 | 4.3 MEDIUM | 4.2 MEDIUM |
Some Huawei 4G LTE devices, P30 versions before ELE-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1) and P30 Pro versions before VOG-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1), are exposed to a message replay vulnerability. For the sake of better compatibility, these devices implement a less strict check on the NAS message sequence number (SN), specifically NAS COUNT. As a result, an attacker can construct a rogue base station and replay the GUTI reallocation command message in certain conditions to tamper with GUTIs, or replay the Identity request message to obtain IMSIs. (Vulnerability ID: HWPSIRT-2019-04107) | |||||
CVE-2019-9659 | 2 Chuango, Eminent | 22 A11 Pstn\/lcd\/rfid Touch Alarm System, A11 Pstn\/lcd\/rfid Touch Alarm System Firmware, A8 Pstn Alarm System and 19 more | 2024-02-28 | 6.4 MEDIUM | 9.1 CRITICAL |
The Chuango 433 MHz burglar-alarm product line uses static codes in the RF remote control, allowing an attacker to arm, disarm, or trigger the alarm remotely via replay attacks, as demonstrated by Chuango branded products, and non-Chuango branded products such as the Eminent EM8617 OV2 Wifi Alarm System. | |||||
CVE-2019-11334 | 1 Tzumi | 3 Klic Lock, Klic Smart Padlock Model 5686, Klic Smart Padlock Model 5686 Firmware | 2024-02-28 | 4.3 MEDIUM | 3.7 LOW |
An authentication bypass in website post requests in the Tzumi Electronics Klic Lock application 1.0.9 for mobile devices allows attackers to access resources (that are not otherwise accessible without proper authentication) via capture-replay. Physically proximate attackers can use this information to unlock unauthorized Tzumi Electronics Klic Smart Padlock Model 5686 Firmware 6.2. | |||||
CVE-2018-7790 | 1 Schneider-electric | 2 Modicon M221, Modicon M221 Firmware | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
An Information Management Error vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). The vulnerability allows unauthorized users to replay authentication sequences. If an attacker exploits this vulnerability and connects to a Modicon M221, the attacker can upload the original program from the PLC. | |||||
CVE-2018-17176 | 1 Neatorobotics | 6 Botvac D4 Connected, Botvac D4 Connected Firmware, Botvac D6 Connected and 3 more | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
A replay issue was discovered on Neato Botvac Connected 2.2.0 devices. Manual control mode requires authentication, but once recorded, the authentication (always transmitted in cleartext) can be replayed to /bin/webserver on port 8081. There are no nonces, and timestamps are not checked at all. | |||||
CVE-2018-7356 | 1 Zte | 2 Zxr10 8905e, Zxr10 8905e Firmware | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
All versions up to V3.03.10.B23P2 of ZTE ZXR10 8905E product are impacted by TCP Initial Sequence Number (ISN) reuse vulnerability, which can generate easily predictable ISN, and allows remote attackers to spoof connections. |