CAPEC Related Weakness
Session Sidejacking
CWE-294 Authentication Bypass by Capture-replay
CWE-319 Cleartext Transmission of Sensitive Information
CWE-522 Insufficiently Protected Credentials
CWE-523 Unprotected Transport of Credentials
CWE-614 Sensitive Cookie in HTTPS Session Without 'Secure' Attribute
Kerberoasting
CWE-262 Not Using Password Aging
CWE-263 Password Aging with Long Expiration
CWE-294 Authentication Bypass by Capture-replay
CWE-308 Use of Single-factor Authentication
CWE-309 Use of Password System for Primary Authentication
CWE-521 Weak Password Requirements
CWE-522 Insufficiently Protected Credentials
Remote Services with Stolen Credentials
CWE-262 Not Using Password Aging
CWE-263 Password Aging with Long Expiration
CWE-294 Authentication Bypass by Capture-replay
CWE-308 Use of Single-factor Authentication
CWE-309 Use of Password System for Primary Authentication
CWE-521 Weak Password Requirements
CWE-522 Insufficiently Protected Credentials
Windows Admin Shares with Stolen Credentials
CWE-262 Not Using Password Aging
CWE-263 Password Aging with Long Expiration
CWE-294 Authentication Bypass by Capture-replay
CWE-308 Use of Single-factor Authentication
CWE-309 Use of Password System for Primary Authentication
CWE-521 Weak Password Requirements
CWE-522 Insufficiently Protected Credentials
Reusing Session IDs (aka Session Replay)
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
CWE-285 Improper Authorization
CWE-290 Authentication Bypass by Spoofing
CWE-294 Authentication Bypass by Capture-replay
CWE-346 Origin Validation Error
CWE-384 Session Fixation
CWE-488 Exposure of Data Element to Wrong Session
CWE-539 Use of Persistent Cookies Containing Sensitive Information
CWE-664 Improper Control of a Resource Through its Lifetime
CWE-732 Incorrect Permission Assignment for Critical Resource
Use of Captured Hashes (Pass The Hash)
CWE-294 Authentication Bypass by Capture-replay
CWE-308 Use of Single-factor Authentication
CWE-522 Insufficiently Protected Credentials
CWE-836 Use of Password Hash Instead of Password for Authentication
Use of Captured Tickets (Pass The Ticket)
CWE-294 Authentication Bypass by Capture-replay
CWE-308 Use of Single-factor Authentication
CWE-522 Insufficiently Protected Credentials
Use of Known Kerberos Credentials
CWE-262 Not Using Password Aging
CWE-263 Password Aging with Long Expiration
CWE-294 Authentication Bypass by Capture-replay
CWE-307 Improper Restriction of Excessive Authentication Attempts
CWE-308 Use of Single-factor Authentication
CWE-309 Use of Password System for Primary Authentication
CWE-522 Insufficiently Protected Credentials
CWE-654 Reliance on a Single Factor in a Security Decision
CWE-836 Use of Password Hash Instead of Password for Authentication
Browser in the Middle (BiTM)
CWE-294 Authentication Bypass by Capture-replay
CWE-345 Insufficient Verification of Data Authenticity
Adversary in the Middle (AiTM)
CWE-287 Improper Authentication
CWE-290 Authentication Bypass by Spoofing
CWE-294 Authentication Bypass by Capture-replay
CWE-300 Channel Accessible by Non-Endpoint
CWE-593 Authentication Bypass: OpenSSL CTX Object Modified after SSL Objects are Created