Amazon OAuth Unverified Email Social Login Bypass

Aleph Research Advisory

Severity

High

Product

Amazon Website

Mitigation

Amazon is now patched.

Technical Details

Amazon supplied the account’s email addresses as part of the social login authentication process even when the user’s ownership of this email address had not been positively verified. This allowed for a social login attack as detailed in the paper.

Timeline

01-Mar-17
: Added as
03-Dec-14
: Public disclosure

Credit

peles of Aleph Research, HCL Software
roeeh of Aleph Research, HCL Software