ObamaCare is again in the spotlight. California's site has over 500K users and, as the video shows, they are at risk of an account hijacking attack.
The site's administrators have been warned, but so far this hasn't been fixed.
Vulnerability found by Kristian Hermansen
The vulnerability is a horizontal privilege escalation. The PIN reset function, while updating the PIN for the current user, also sends all of the user's personal data in the POST request. This allows an attacker to tamper with the request, replacing his own username with the victim's username and thereby setting a new PIN for the victim.
EDIT: the video was removed from YouTube.
The PoC is in the video above. For the moment, it's not known whether this affects any other ObamaCare sites besides California's.
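To make the flaw concrete, here is an added example (not code from the original post or from the affected site) of a toy PIN-reset handler that trusts the username carried in the POST body, beside a hardened version that binds the update to the authenticated session identity. Account names, PINs and field names are constructed for illustration.

```python
# Added example: vulnerable vs. hardened PIN-reset handler (constructed).
from dataclasses import dataclass, field

# Constructed account store: username -> current PIN.
ACCOUNTS = {"alice": "1111", "bob": "2222"}


@dataclass
class Request:
    session_user: str                          # identity set at login (server side)
    form: dict = field(default_factory=dict)   # untrusted POST body


class Forbidden(Exception):
    pass


def reset_pin_vulnerable(req, accounts):
    """Flawed handler: the target account comes from the POST body.
    Because the body echoes profile fields (including the username),
    anyone who can edit the request can name a different account."""
    target = req.form["username"]              # attacker-controlled value
    accounts[target] = req.form["new_pin"]
    return target


def reset_pin_fixed(req, accounts):
    """Hardened handler: the account is the one bound to the session.
    A username in the body is never used for authorization; a mismatch
    is rejected and is worth logging as a tampering attempt."""
    target = req.session_user
    if req.form.get("username", target) != target:
        raise Forbidden("username in body does not match the session user")
    accounts[target] = req.form["new_pin"]
    return target


def demo():
    """Send the same tampered request (bob naming alice) to both handlers."""
    tampered = Request("bob", {"username": "alice", "new_pin": "9999"})
    vuln, fixed = dict(ACCOUNTS), dict(ACCOUNTS)
    changed = reset_pin_vulnerable(tampered, vuln)   # alice's PIN overwritten
    try:
        reset_pin_fixed(tampered, fixed)
        blocked = False
    except Forbidden:
        blocked = True                               # alice's PIN untouched
    return changed, vuln["alice"], blocked, fixed["alice"]
```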