- A travel service, integrated into many airline service providers, carried a security flaw
- This could be abused to log into people’s accounts and change their bookings
- It has since been reported and mitigated
A “popular, top-tier” travel service for hotel and car rentals was vulnerable to a flaw which allowed malicious actors to take over anyone’s account, a new report from API security firm Salt Labs has claimed.
By abusing the flaw, they would easily be able to book hotel rooms, rent cars, and modify any booking information. To make matters worse, since the service is integrated into “dozens” of commercial airline online services, it would also allow miscreants to spend airline loyalty points, and more.
Salt Labs said millions of people could be at risk, but that it did not want to say the name of the affected service.
Stealing session cookies
Here is how a theoretical attack would work: A malicious actor would create a custom-tailored link and share it with the victim via usual channels (for example, email). The victim would click on the link, leading to the rental service provider, which would ask them to log in with the credentials associated with the airline service provider.
At that point, the rental platform generates a second link, and sends the victim back to the airline’s website, to log in using OAuth.
OAuth (Open Authorization) is an open standard for secure access delegation, allowing applications to access a user’s data on another service without exposing their credentials.
Because of the custom-built link, the authentication response is returned to the attackers, including the user’s session token, which grants them access to the platform.
“Since the manipulated link uses a legitimate customer domain (with manipulation occurring only at the parameter level rather than the domain level), this makes the attack difficult to detect through standard domain inspection or blocklist/allowlist methods,” the researchers said in their write-up.
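The quote above makes the defensive point: checking only the domain of an OAuth redirect target is not enough, because a link that keeps a legitimate domain and changes only query parameters or path passes such a check. The standard mitigation on the authorization server side is to compare the requested redirect URI byte-for-byte against the list registered for that client, rather than inspecting its host. The following is an added example, not code from the Salt Labs report or from the affected service; the tenant name, registered callback URI and sample links are constructed placeholders.

```python
from urllib.parse import urlsplit

# Constructed allowlist of pre-registered redirect URIs for one hypothetical
# airline tenant. Placeholder values, not from the report.
REGISTERED_REDIRECTS = {
    "https://rentals.example-airline.test/oauth/callback",
}


def weak_domain_check(redirect_uri: str) -> bool:
    """Domain-only inspection: accept any URL whose host matches a registered
    host. This is the style of check that parameter-level manipulation of a
    link on a legitimate domain slips past."""
    allowed_hosts = {urlsplit(u).hostname for u in REGISTERED_REDIRECTS}
    return urlsplit(redirect_uri).hostname in allowed_hosts


def strict_redirect_check(redirect_uri: str) -> bool:
    """Exact-string match against the registered list (the OAuth 2.0 Security
    BCP recommendation). Any extra query parameter, altered path, changed
    scheme or fragment makes the string unequal and is rejected."""
    parts = urlsplit(redirect_uri)
    if parts.scheme != "https" or parts.fragment:
        return False
    return redirect_uri in REGISTERED_REDIRECTS


def evaluate(uris):
    """Return {uri: (weak_result, strict_result)} so the two policies can be
    compared side by side on the same inputs."""
    return {u: (weak_domain_check(u), strict_redirect_check(u)) for u in uris}


# Constructed inputs: the registered URI, then variants that keep the
# legitimate host but change only parameter, path, scheme or fragment.
SAMPLE_URIS = [
    "https://rentals.example-airline.test/oauth/callback",
    "https://rentals.example-airline.test/oauth/callback?forward=https%3A%2F%2Fnot-registered.test",
    "https://rentals.example-airline.test/other/handler",
    "http://rentals.example-airline.test/oauth/callback",
    "https://rentals.example-airline.test/oauth/callback#token",
]

if __name__ == "__main__":
    for uri, (weak, strict) in evaluate(SAMPLE_URIS).items():
        print(f"weak={weak!s:5} strict={strict!s:5}  {uri}")
```

Every tampered variant passes the domain-only check and fails the exact-match check, which is the difference the researchers describe: the host is genuine, so only a comparison of the whole URI catches the change. Exact matching also means clients must register each callback URI they actually use, with no wildcards or prefix matching.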
Salt Labs disclosed its findings to the affected service, which confirmed the flaw and deployed a fix.