Lumension® Endpoint Intelligence Center

Intelligence Center » News Archive » Flaw in PayPal authentication process allows access to blocked accounts

Flaw in PayPal authentication process allows access to blocked accounts

2014/10/09

Softpedia - (International) A researcher with Vulnerability Laboratory identified and reported a flaw in the mobile authentication process for PayPal that can allow an attacker to attempt to input passwords an unlimited number of times without causing the account to be locked. The issue reported in March 2013 affects the iOS mobile app for PayPal and a fix is not currently available.

Source: http://news.softpedia.com/news/Flaw-in-PayPal-Authentication-Process-Allows-Access-To-Blocked-Accounts-461622.shtml

Note: This news synopsis is taken from the DHS Daily Open Source Infrastructure Report, a daily [Monday through Friday, except US Federal holidays] summary of open-source published information concerning significant critical infrastructure issues; a 10-day archive of the DOSIR can be found at: http://www.dhs.gov/dhs-daily-open-source-infrastructure-report.


Last Updated: 27 May 2016 10:22:03