2022-09 Penetration Test

Owned by Uwe Wahser
Last updated: Aug 02, 2023
1 min read

Overview

Date

2022-09-14

Status

FIXED

Release

Release 2022-04

TestType

automatic

TestTopic

Penetration Test

Context

Project: Security 2022

Tester

SecurityOne

Standard

Background: Open Web Application Security Project (OWASP)

Result Summary

Vulnerabilities

Risk

Count

Critical

0

High

1

Medium

0

Low

3

extension

OWASP Top 10

A01

YES

OWASP A01:2021 – Broken Access Control

A02

NO

OWASP A02:2021 – Cryptographic Failures

A03

NO

OWASP A03:2021 – Injection

A04

YES

OWASP A04:2021 – Insecure Design

A05

YES

OWASP A05:2021 – Security Misconfiguration

A06

NO

OWASP A06:2021 – Vulnerable and Outdated Components

A07

NO

OWASP A07:2021 – Identification and Authentication Failures

A08

NO

OWASP A08:2021 – Software and Data Integrity Failures

A09

NO

OWASP A09:2021 – Security Logging and Monitoring Failures

A10

NO

OWASP A10:2021 – Server-Side Request Forgery (SSRF)

Methodology

SecurityONE based the findings and recommendations presented in this report on manual and automatic web application vulnerability scanning and penetration testing against the web application.

  • Automatic web application scanning:
    SecurityONE has used several commercial tools to analyze the target environment and identify potential vulnerabilities. Automatic scanning software identifies application-level vulnerabilities.

  • Web application manual testing:
    Using the information generated by the automated testing software, SecurityONE also used manual testing techniques to identify and try to exploit additional vulnerabilities in the targeted application and to eliminate false positives caused by the automated scanning process. The assessment was conducted in accordance with best practices in the industry, defined by such methodologies as ISECOM's Open-Source Security Testing Methodology Manual (OSSTMM) and the Open Web Application Security Project (OWASP).

Detailed Results

Vulnerability

Risk

Impact

Status

Vulnerability

Risk

Impact

Status

Broken Authorization

High

This allows a low privilege attacker to perform actions that a higher privilege user would normally have access to.

Default Passwords Hardcoded

Low

In a default implementation of an openIMIS environment, an attacker with access with these passwords can potentially access confidential information.

GraphQL introspection enabled

Low

An attacker can map out the API’s schema and gather information related to its configuration. This could lead to further attacks and potential loss of sensitive information.

Cookie Without SECURE flag

Low

To exploit this vulnerability, an attacker must be suitably positioned to eavesdrop on the victim's network traffic. Note that an advanced adversary could potentially target any connection made over the Internet's core infrastructure.

Remediation

All errors were fixed ( ) or rejected as not applicable ( ). No instances in countries were affected.

Report

Did you encounter a problem or do you have a suggestion?

Please contact our Service Desk


This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License. https://creativecommons.org/licenses/by-sa/4.0/