Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
Government Security Your Rights Online

Security Vulnerability Found On US Federal Government Contractors Site 35

Posted by samzenpus
from the open-book dept.
dstates writes "SAM (Systems for Awards Management) is a financial management system that the US government requires all contractors and grantees to use. This system has recently been rolled out to replace the older CCR system. Friday night, thousands of SAM users received the following message: 'Dear SAM user, The General Services Administration (GSA) recently has identified a security vulnerability in the System for Award Management (SAM), which is part of the cross-government Integrated Award Environment (IAE) managed by GSA. Registered SAM users with entity administrator rights and delegated entity registration rights had the ability to view any entity's registration information, including both public and non-public data at all sensitivity levels.' From March 8 to 10, any registered user who searched the system could view confidential information including account and social security numbers for any other user of the system. Oops! The Government Services Administration says that they have fixed the problem."
This discussion has been archived. No new comments can be posted.

Security Vulnerability Found On US Federal Government Contractors Site

Comments Filter:

The only problem with being a man of leisure is that you can never stop and take a rest.

Working...