Authentication Vulnerability in Microsoft Yammer Social Network

by George Chetcuti [Published on 9 Aug. 2013 / Last Updated on 9 Aug. 2013]

Yammer is a secure, private social network for private communication within organizations or between organizational members and pre-designated groups.

An authentication bypass session token web vulnerability is detected in the official Microsoft Yammer Social Network online-service application. The vulnerability allows remote attackers to bypass the token protection to compromise the account auth system of the web-application.

OAuth (Open Auth) is an emerging authorization standard that is being adopted by a growing number of sites such as Twitter, Facebook, Google, Yahoo!, Netflix, Flickr, and several other Resource Providers and social networking sites. It is an open-web specification for organizations to access protected resources on each other’s web sites.

Read more here - http://www.vulnerability-lab.com/get_content.php?id=1003

Add Review or Comment

Featured Links