New Threat Research: Uncovering Adversarial LDAP Tradecraft

Read Threat Research


Amadeus Travel Services Vulnerability

A hacker discovered a vulnerability in Israel’s ELAL Airline reservation system while trying to find a flight. After the bug had been analyzed, researchers discovered that if RULE_SOURCE_1_ID was altered they were able to see passenger name records, as well as flight bookings. With those credentials, the researchers accessed ELAL’s customer portal, and inside actions such as changing assigned seats, meals, contact details, and flight reservations were able to be performed. ELAL sends their PNR codes through unencrypted emails and many of their customers unintentionally post these codes on social media sites. A script was run to determine if brute-force protections were being used, but they were not. Amadeus has since mitigated this issue by implementing a pathway to recovery (PTR).

Analyst Notes

Users are suggested to recognize what their PNR is and to not share it online. Since this bug is on the side of the company, it is best to follow their instructions or suggestions.