Security News > 2017 > July > Uber Patches Authentication Bypass Vulnerability on Custom SSO Solution (Threatpost)

Uber Patches Authentication Bypass Vulnerability on Custom SSO Solution (Threatpost)

2017-07-12 16:36

Uber patched an authentication bypass vulnerability in its homegrown SSO solution that allowed attackers to take over subdomains and steal session cookies.

News URL

http://threatpost.com/uber-patches-authentication-bypass-vulnerability-on-custom-sso-solution/126791/

#authentication #bypass #SSO #threatpost #uber #vulnerability

Related news

Moxa Issues Fix for Critical Authentication Bypass Vulnerability in PT Switches (source)
GitLab patches critical authentication bypass vulnerabilities (source)
Critical Next.js Vulnerability Allows Attackers to Bypass Middleware Authorization Checks (source)
Critical Next.js auth bypass vulnerability opens web apps to compromise (CVE-2025-29927) (source)
Critical Ingress NGINX Controller Vulnerability Allows RCE Without Authentication (source)
Broadcom warns of authentication bypass in VMware Windows Tools (source)
Update VMware Tools for Windows Now: High-Severity Flaw Lets Hackers Bypass Authentication (source)

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.