CWE-303
AllowedIncorrect Implementation of Authentication Algorithm
Abstraction: Base · Status: Draft
The requirements for the product dictate the use of an established authentication algorithm, but the implementation of the algorithm is incorrect.
153 vulnerabilities reference this CWE, most recent first.
GHSA-R578-PJ6F-R4FF
Vulnerability from github – Published: 2021-06-21 17:07 – Updated: 2021-06-16 21:25Impact
New user registrations are able to access anyone's account by only knowing their basic profile information (name, birthday, gender, etc). This includes all app functionality within the app, as well as any authenticated links to Rock-based webpages (such as giving and events).
Patches
We have released a security patch on v2.20.0. The solution was to create a duplicate person and then patch the new person with their profile details.
Workarounds
If you do not wish to upgrade your app to the new version, you can patch your server by overriding the create data source method on the People class.
create = async (profile) => {
const rockUpdateFields = this.mapApollosFieldsToRock(profile);
// auto-merge functionality is compromised
// we are creating a new user and patching them with profile details
const id = await this.post('/People', {
Gender: 0, // required by Rock. Listed first so it can be overridden.
IsSystem: false, // required by rock
});
await this.patch(`/People/${id}`, {
...rockUpdateFields,
});
return id;
};
For more information
If you have any questions or comments about this advisory: * Email us at support@apollos.app
{
"affected": [
{
"package": {
"ecosystem": "npm",
"name": "@apollosproject/data-connector-rock"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.20.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2021-32691"
],
"database_specific": {
"cwe_ids": [
"CWE-287",
"CWE-303"
],
"github_reviewed": true,
"github_reviewed_at": "2021-06-16T18:55:04Z",
"nvd_published_at": "2021-06-16T22:15:00Z",
"severity": "HIGH"
},
"details": "### Impact\n\nNew user registrations are able to access anyone\u0027s account by only knowing their basic profile information (name, birthday, gender, etc). This includes all app functionality within the app, as well as any authenticated links to Rock-based webpages (such as giving and events).\n\n### Patches\n\nWe have released a security patch on v2.20.0. The solution was to create a duplicate person and then patch the new person with their profile details.\n\n### Workarounds\n\nIf you do not wish to upgrade your app to the new version, you can patch your server by overriding the `create` data source method on the `People` class.\n\n```js\n create = async (profile) =\u003e {\n const rockUpdateFields = this.mapApollosFieldsToRock(profile);\n // auto-merge functionality is compromised\n // we are creating a new user and patching them with profile details\n const id = await this.post(\u0027/People\u0027, {\n Gender: 0, // required by Rock. Listed first so it can be overridden.\n IsSystem: false, // required by rock\n });\n await this.patch(`/People/${id}`, {\n ...rockUpdateFields,\n });\n return id;\n };\n```\n\n### For more information\nIf you have any questions or comments about this advisory:\n* Email us at [support@apollos.app](mailto:support@apollos.app)\n",
"id": "GHSA-r578-pj6f-r4ff",
"modified": "2021-06-16T21:25:21Z",
"published": "2021-06-21T17:07:47Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/ApollosProject/apollos-apps/security/advisories/GHSA-r578-pj6f-r4ff"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32691"
},
{
"type": "WEB",
"url": "https://github.com/ApollosProject/apollos-apps/commit/cb5f8f1c0b24f1b215b2bb5eb6f9a8e16d728ce2"
},
{
"type": "WEB",
"url": "https://github.com/ApollosProject/apollos-apps/releases/tag/v2.20.0"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Auto-merging Person Records Compromised"
}
GHSA-RC38-F4J6-JQ4F
Vulnerability from github – Published: 2026-07-14 18:32 – Updated: 2026-07-14 18:32Incorrect implementation of authentication algorithm in Windows SMB Server allows an authorized attacker to elevate privileges over a network.
{
"affected": [],
"aliases": [
"CVE-2026-50360"
],
"database_specific": {
"cwe_ids": [
"CWE-303"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-07-14T18:17:36Z",
"severity": "HIGH"
},
"details": "Incorrect implementation of authentication algorithm in Windows SMB Server allows an authorized attacker to elevate privileges over a network.",
"id": "GHSA-rc38-f4j6-jq4f",
"modified": "2026-07-14T18:32:17Z",
"published": "2026-07-14T18:32:17Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-50360"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-50360"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-VCX9-38WQ-HX3H
Vulnerability from github – Published: 2024-08-14 15:31 – Updated: 2024-08-14 15:31An authentication bypass vulnerability in GoAnywhere MFT prior to 7.6.0 allows Admin Users with access to the Agent Console to circumvent some permission checks when attempting to visit other pages. This could lead to unauthorized information disclosure or modification.
{
"affected": [],
"aliases": [
"CVE-2024-25157"
],
"database_specific": {
"cwe_ids": [
"CWE-287",
"CWE-303"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-08-14T15:15:18Z",
"severity": "MODERATE"
},
"details": "An authentication bypass vulnerability in GoAnywhere MFT prior to 7.6.0 allows Admin Users with access to the Agent Console to circumvent some permission checks when attempting to visit other pages. This could lead to unauthorized information disclosure or modification.",
"id": "GHSA-vcx9-38wq-hx3h",
"modified": "2024-08-14T15:31:17Z",
"published": "2024-08-14T15:31:17Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-25157"
},
{
"type": "WEB",
"url": "https://www.fortra.com/security/advisories/product-security/fi-2024-009"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-VJHP-527W-C5VJ
Vulnerability from github – Published: 2023-06-22 18:30 – Updated: 2024-04-04 05:01pam_krb5 authenticates a user by essentially running kinit with the password, getting a ticket-granting ticket (tgt) from the Kerberos KDC (Key Distribution Center) over the network, as a way to verify the password. However, if a keytab is not provisioned on the system, pam_krb5 has no way to validate the response from the KDC, and essentially trusts the tgt provided over the network as being valid. In a non-default FreeBSD installation that leverages pam_krb5 for authentication and does not have a keytab provisioned, an attacker that is able to control both the password and the KDC responses can return a valid tgt, allowing authentication to occur for any user on the system.
{
"affected": [],
"aliases": [
"CVE-2023-3326"
],
"database_specific": {
"cwe_ids": [
"CWE-287",
"CWE-303"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-06-22T17:15:44Z",
"severity": "CRITICAL"
},
"details": "pam_krb5 authenticates a user by essentially running kinit with the password, getting a ticket-granting ticket (tgt) from the Kerberos KDC (Key Distribution Center) over the network, as a way to verify the password. However, if a keytab is not provisioned on the system, pam_krb5 has no way to validate the response from the KDC, and essentially trusts the tgt provided over the network as being valid. In a non-default FreeBSD installation that leverages pam_krb5 for authentication and does not have a keytab provisioned, an attacker that is able to control both the password and the KDC responses can return a valid tgt, allowing authentication to occur for any user on the system.\n",
"id": "GHSA-vjhp-527w-c5vj",
"modified": "2024-04-04T05:01:18Z",
"published": "2023-06-22T18:30:25Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-3326"
},
{
"type": "WEB",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-23:04.pam_krb5.asc"
},
{
"type": "WEB",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-23:09.pam_krb5.asc"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20230714-0005"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-W9J2-M5WX-FQQ4
Vulnerability from github – Published: 2026-05-12 18:30 – Updated: 2026-05-12 18:30Incorrect implementation of authentication algorithm in Microsoft SSO Plugin for Jira & Confluence allows an unauthorized attacker to elevate privileges over a network.
{
"affected": [],
"aliases": [
"CVE-2026-41103"
],
"database_specific": {
"cwe_ids": [
"CWE-303"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-05-12T18:17:21Z",
"severity": "CRITICAL"
},
"details": "Incorrect implementation of authentication algorithm in Microsoft SSO Plugin for Jira \u0026amp; Confluence allows an unauthorized attacker to elevate privileges over a network.",
"id": "GHSA-w9j2-m5wx-fqq4",
"modified": "2026-05-12T18:30:46Z",
"published": "2026-05-12T18:30:46Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41103"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-41103"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-WCM6-243C-86F3
Vulnerability from github – Published: 2026-02-04 00:30 – Updated: 2026-07-10 15:31EspoCRM 5.8.5 contains an authentication vulnerability that allows attackers to access other user accounts by manipulating authorization headers. Attackers can decode and modify Basic Authorization and Espo-Authorization tokens to gain unauthorized access to administrative user information and privileges.
{
"affected": [],
"aliases": [
"CVE-2020-37094"
],
"database_specific": {
"cwe_ids": [
"CWE-303",
"CWE-639"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-02-03T22:16:25Z",
"severity": "HIGH"
},
"details": "EspoCRM 5.8.5 contains an authentication vulnerability that allows attackers to access other user accounts by manipulating authorization headers. Attackers can decode and modify Basic Authorization and Espo-Authorization tokens to gain unauthorized access to administrative user information and privileges.",
"id": "GHSA-wcm6-243c-86f3",
"modified": "2026-07-10T15:31:34Z",
"published": "2026-02-04T00:30:29Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-37094"
},
{
"type": "WEB",
"url": "https://github.com/espocrm/espocrm/commit/b299220dd0c7acdaa1ed8be8ffd79c7985093c7a"
},
{
"type": "WEB",
"url": "https://www.espocrm.com"
},
{
"type": "WEB",
"url": "https://www.exploit-db.com/exploits/48376"
},
{
"type": "WEB",
"url": "https://www.vulncheck.com/advisories/espocrm-privilege-escalation"
},
{
"type": "WEB",
"url": "https://www.vulncheck.com/advisories/espocrm-two-factor-auth-bypass-via-auth-token-reuse-between-accounts-with-identical-passwords"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-WHX2-QJXV-4VR9
Vulnerability from github – Published: 2024-05-03 03:30 – Updated: 2024-05-03 03:30D-Link DIR-2150 HNAP Incorrect Implementation of Authentication Algorithm Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-2150 routers. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the SOAP API interface, which listens on TCP port 80 by default. A crafted authentication header can cause authentication to succeed without providing proper credentials. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-20910.
{
"affected": [],
"aliases": [
"CVE-2023-34282"
],
"database_specific": {
"cwe_ids": [
"CWE-303"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-05-03T02:15:27Z",
"severity": "HIGH"
},
"details": "D-Link DIR-2150 HNAP Incorrect Implementation of Authentication Algorithm Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-2150 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the SOAP API interface, which listens on TCP port 80 by default. A crafted authentication header can cause authentication to succeed without providing proper credentials. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-20910.",
"id": "GHSA-whx2-qjxv-4vr9",
"modified": "2024-05-03T03:30:51Z",
"published": "2024-05-03T03:30:51Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-34282"
},
{
"type": "WEB",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-628"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-WMPM-9R6P-RPWW
Vulnerability from github – Published: 2024-01-24 21:30 – Updated: 2025-06-20 21:31An issue was discovered in Contiki-NG tinyDTLS through master branch 53a0d97. DTLS servers allow remote attackers to reuse the same epoch number within two times the TCP maximum segment lifetime, which is prohibited in RFC6347. This vulnerability allows remote attackers to obtain sensitive application (data of connected clients).
{
"affected": [],
"aliases": [
"CVE-2021-42146"
],
"database_specific": {
"cwe_ids": [
"CWE-303",
"CWE-755"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-01-24T19:15:08Z",
"severity": "HIGH"
},
"details": "An issue was discovered in Contiki-NG tinyDTLS through master branch 53a0d97. DTLS servers allow remote attackers to reuse the same epoch number within two times the TCP maximum segment lifetime, which is prohibited in RFC6347. This vulnerability allows remote attackers to obtain sensitive application (data of connected clients).",
"id": "GHSA-wmpm-9r6p-rpww",
"modified": "2025-06-20T21:31:54Z",
"published": "2024-01-24T21:30:33Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-42146"
},
{
"type": "WEB",
"url": "https://seclists.org/fulldisclosure/2024/Jan/19"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2024/Jan/19"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-WV4W-6QV2-QQFG
Vulnerability from github – Published: 2025-10-09 17:08 – Updated: 2025-10-13 15:40Impact
Upon authentication, the user could be associated by e-mail even if the associate_by_email pipeline was not included. This could lead to account compromise when a third-party authentication service does not validate provided e-mail addresses or doesn't require unique e-mail addresses.
Patches
- https://github.com/python-social-auth/social-app-django/pull/803
Workarounds
Review the authentication service policy on e-mail addresses; many will not allow exploiting this vulnerability.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "social-auth-app-django"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.6.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2025-61783"
],
"database_specific": {
"cwe_ids": [
"CWE-290",
"CWE-303"
],
"github_reviewed": true,
"github_reviewed_at": "2025-10-09T17:08:05Z",
"nvd_published_at": "2025-10-09T21:15:40Z",
"severity": "MODERATE"
},
"details": "### Impact\n\nUpon authentication, the user could be associated by e-mail even if the `associate_by_email` pipeline was not included. This could lead to account compromise when a third-party authentication service does not validate provided e-mail addresses or doesn\u0027t require unique e-mail addresses.\n\n### Patches\n\n* https://github.com/python-social-auth/social-app-django/pull/803\n\n### Workarounds\n\nReview the authentication service policy on e-mail addresses; many will not allow exploiting this vulnerability.",
"id": "GHSA-wv4w-6qv2-qqfg",
"modified": "2025-10-13T15:40:00Z",
"published": "2025-10-09T17:08:05Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/python-social-auth/social-app-django/security/advisories/GHSA-wv4w-6qv2-qqfg"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61783"
},
{
"type": "WEB",
"url": "https://github.com/python-social-auth/social-app-django/issues/220"
},
{
"type": "WEB",
"url": "https://github.com/python-social-auth/social-app-django/issues/231"
},
{
"type": "WEB",
"url": "https://github.com/python-social-auth/social-app-django/issues/634"
},
{
"type": "WEB",
"url": "https://github.com/python-social-auth/social-app-django/pull/803"
},
{
"type": "WEB",
"url": "https://github.com/python-social-auth/social-app-django/commit/10c80e2ebabeccd4e9c84ad0e16e1db74148ed4c"
},
{
"type": "PACKAGE",
"url": "https://github.com/python-social-auth/social-app-django"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "Python Social Auth - Django has unsafe account association "
}
GHSA-X527-X647-Q7GG
Vulnerability from github – Published: 2026-06-25 22:23 – Updated: 2026-07-10 12:31Previously, CVE-2024-45337 fixed an authorization bypass for misused ssh server configurations; if any other type of callback is passed other than public key, then the source-address validation would be skipped.
{
"affected": [
{
"package": {
"ecosystem": "Go",
"name": "golang.org/x/crypto"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.52.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-46595"
],
"database_specific": {
"cwe_ids": [
"CWE-303",
"CWE-863"
],
"github_reviewed": true,
"github_reviewed_at": "2026-06-25T22:23:16Z",
"nvd_published_at": "2026-05-22T04:16:25Z",
"severity": "CRITICAL"
},
"details": "Previously, CVE-2024-45337 fixed an authorization bypass for misused ssh server configurations; if any other type of callback is passed other than public key, then the source-address validation would be skipped.",
"id": "GHSA-x527-x647-q7gg",
"modified": "2026-07-10T12:31:34Z",
"published": "2026-06-25T22:23:16Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-46595"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45337"
},
{
"type": "WEB",
"url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-46595.json"
},
{
"type": "WEB",
"url": "https://pkg.go.dev/vuln/GO-2026-5023"
},
{
"type": "WEB",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"type": "WEB",
"url": "https://go.dev/issue/79570"
},
{
"type": "WEB",
"url": "https://go.dev/cl/781642"
},
{
"type": "PACKAGE",
"url": "https://cs.opensource.google/go/x/crypto"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480689"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2026-46595"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:37387"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:37275"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:36820"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:36808"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:36797"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:36796"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:36651"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:36648"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:36207"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:33531"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:33524"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:30651"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:30650"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:26547"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:26546"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:23264"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:23262"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L",
"type": "CVSS_V3"
}
],
"summary": "golang.org/x/crypto: Invoking VerifiedPublicKeyCallback permissions skip enforcement"
}
No mitigation information available for this CWE.
CAPEC-90: Reflection Attack in Authentication Protocol
An adversary can abuse an authentication protocol susceptible to reflection attack in order to defeat it. Doing so allows the adversary illegitimate access to the target system, without possessing the requisite credentials. Reflection attacks are of great concern to authentication protocols that rely on a challenge-handshake or similar mechanism. An adversary can impersonate a legitimate user and can gain illegitimate access to the system by successfully mounting a reflection attack during authentication.