One Article Review
| Source |  The Hacker News |
|---|---|
| Identifiant | 1755868 |
| Date de publication | 2020-06-08 03:07:20 (vue: 2020-06-08 11:08:33) |
| Titre | Any Indian DigiLocker Account Could\'ve Been Accessed Without Password |
| Texte | The Indian Government said it has addressed a critical vulnerability in its secure document wallet service Digilocker that could have potentially allowed a remote attacker to bypass mobile one-time passwords (OTP) and sign in as other users to access their sensitive documents stored on the platform.
"The OTP function lacks authorization which makes it possible to perform OTP validation with |
| Notes | |
| Envoyé | Oui |
| Condensat | access accessed account addressed allowed any attacker authorization been bypass could critical digilocker document documents function government has have indian its lacks makes mobile one other otp password passwords perform platform possible potentially remote said secure sensitive service sign stored time users validation vulnerability wallet which without |
| Tags | Vulnerability |
| Stories | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.