Security News > 2017 > July > Uber Patches Authentication Bypass Vulnerability on Custom SSO Solution (Threatpost)

Uber Patches Authentication Bypass Vulnerability on Custom SSO Solution (Threatpost)

2017-07-12 16:36

Uber patched an authentication bypass vulnerability in its homegrown SSO solution that allowed attackers to take over subdomains and steal session cookies.

News URL

http://threatpost.com/uber-patches-authentication-bypass-vulnerability-on-custom-sso-solution/126791/

#authentication #bypass #SSO #threatpost #uber #vulnerability

Related news

Juniper Session Smart Routers Vulnerability Could Let Attackers Bypass Authentication (source)
New UEFI Secure Boot bypass vulnerability discovered (CVE-2024-7344) (source)
Palo Alto Networks Patches Authentication Bypass Exploit in PAN-OS Software (source)
PAN-OS authentication bypass hole plugged, PoC is public (CVE-2025-0108) (source)
Hackers exploit authentication bypass in Palo Alto Networks PAN-OS (source)

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.