all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Password Reset Hack Exposed in Honda's E-Commerce Platform, Dealers Data at Risk

Add to bookmarks
June 12, 2023, 8:26 a.m. | info@thehackernews.com (The Hacker News)

The Hacker News thehackernews.com

Security vulnerabilities discovered in Honda's e-commerce platform could have been exploited to gain unrestricted access to sensitive dealer information.
"Broken/missing access controls made it possible to access all data on the platform, even when logged in as a test account," security researcher Eaton Zveare said in a report published last week.
The platform is designed for the sale of power

access access controls account commerce controls data eaton eaton zveare e-commerce exploited exposed hack honda information missing password password reset platform report researcher reset risk security security researcher test vulnerabilities

Visit resource

More from thehackernews.com / The Hacker News

China-Linked Hackers Suspected in ArcaneDoor Cyberattacks Targeting Network Devices an hour ago | thehackernews.com
arcanedoor attack attack surface attack surface management +23
It Costs How Much?!? The Financial Pitfalls of Cyberattacks on SMBs 3 hours ago | thehackernews.com
business cyberattacks cybercriminals financial +8
Xiaomi Android Devices Hit by Multiple Flaws Across Apps and System Components 4 hours ago | thehackernews.com
access account android android devices +20
New 'Cuckoo' Persistent macOS Spyware Targeting Intel and Arm Macs 7 hours ago | thehackernews.com
act apple apple macos arm +19
Microsoft Outlook Flaw Exploited by Russia's APT28 to Hack Czech, German Entities 2 days, 6 hours ago | thehackernews.com
actor apt28 campaign cyber +24
Expert-Led Webinar - Uncovering Latest DDoS Tactics and Learn How to Fight Back 3 days, 2 hours ago | thehackernews.com
address attacks back business +22
Hackers Increasingly Abusing Microsoft Graph API for Stealthy Malware Communications 3 days, 2 hours ago | thehackernews.com
abusing aim amp api +25
New Guide Explains How to Eliminate the Risk of Shadow SaaS and Protect Corporate Data 3 days, 4 hours ago | thehackernews.com
address applications business corporate +15
NSA, FBI Alert on N. Korean Hackers Spoofing Emails from Trusted Sources 3 days, 5 hours ago | thehackernews.com
advisory agency alert cybersecurity +22

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Consultant Sécurité SI H/F Gouvernance - Risques - Conformité - Nantes

@ Hifield | Saint-Herblain, France
View on infosec-jobs.com

L2 Security - Senior Security Engineer

@ Paytm | Noida, Uttar Pradesh
View on infosec-jobs.com

GRC Integrity Program Manager

@ Meta | Bellevue, WA | Menlo Park, CA | Washington, DC | New York City
View on infosec-jobs.com

Consultant Active Directory H/F

@ Hifield | Sèvres, France
View on infosec-jobs.com

Consultant PCI-DSS H/F

@ Hifield | Sèvres, France
View on infosec-jobs.com

Head of Security Operations

@ Canonical Ltd. | Home based - Americas, EMEA
View on infosec-jobs.com
View more jobs