New Generic Top-Level Domain (gTLD) portals taken offline by ICANN due to security flaw
The Internet Corporation for Assigned Names and Numbers (ICANN) shut down two new generic top-level domain (gTLD) portals on February 27 after learning of a vulnerability that could have been exploited to view users’ data.
ICANN in a statement(PDF) said that the security issue affected the New gTLD Applicant and GDD (Global Domains Division) portals. ICANN said that these portals contain information on New gTLD Program applicants and registry operators and were supposed to be only accessible to applicants and operators to carry out evaluation and contracting processes.
ICANN said a authorised user had informed them that these portals contained a vulnerability which could have allow an authenticated user to view the data of other users.
Q1: What is the nature of this issue?
A1: An issue was reported that could potentially affect users of the New gTLD Applicant and GDD (Global Domains Division) portals. Under certain circumstances, an authenticated portal user could potentially view data of, or related to, other users. Access to, and data in, these portals is limited to New gTLD Program applicants and New gTLD registry operators.
ICANN also said it had addressed the bug and restored access to the portals on March 2. Further it sated that it had no evidence to suggest that the vulnerability had been exploited by any third party thus far.
This is the second time, ICANN had to go public with the security issue. Back in Decmeber, 2014 ICANN had suffered a spear phishing attack resulting in attackers gaining administrative access to some of its’s systems, including its Centralized Zone Data Service (CZDS).