New Features 2017Project Type: software

New Features 2017

Uploaded image for project: 'New Features 2017'
  1. New Features 2017
  2. NF-2334

All Company- Employee Login - URL parameters - Security - URL parameters in all the SSM pages,reports are displayed in plain text.

    Details

    • Type: Bug
    • Status: Closed
    • Priority: High
    • Resolution: Bug Fixed
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: UI Refresh
    • Labels:
      None
    • Environment:
      Pre Production
    • Bug Type:
      Functional
    • Bug Severity:
      Medium
    • Level:
      Employee
    • Module:
      BenAdmin - Security
    • Reported by:
      Harbinger
    • Company:
      All Clients/Multiple Clients
    • Item State:
      Stage QA - Production Deployment on Hold
    • Issue Importance:
      Q2

      Description

      All Company- Employee Login - URL parameters - Security - URL parameter values in all the SSM pages,reports are displayed in plain text.

      As observed all the URL parameter values are displayed in plain english text and can be vulnerable for security breach.

      This can be generic issue and may exist for Admin,Partners,SA user roles too.

      CC : Vijayendra ShindeSachin HingoleRakesh RoyHrishikesh DeshpandeRohan J KhandaveSamir

        Attachments

        1. CCSF_URLData_notEncrypted.jpg
          CCSF_URLData_notEncrypted.jpg
          222 kB
        2. EmpBen.jpg
          EmpBen.jpg
          99 kB
        3. ParameterURL.jpg
          ParameterURL.jpg
          180 kB

          Issue Links

          relates to

          Task - A task that needs to be done. NF-2714 Vulnerability Assessment and Penetration Testing for Workterra on Azure US environment.

          • Medium - Has the potential to affect progress.
          • To Do

            Activity

            Ascending order - Click to sort in descending order
            prasadp Prasad Pise (Inactive) created issue -
            vijayendra Vijayendra Shinde (Inactive) made changes -
            Field Original Value New Value
            Status Open [ 1 ] In Development [ 10007 ]
            vijayendra Vijayendra Shinde (Inactive) made changes -
            Assignee Vijayendra Shinde [ ID10506 ] Prasad Pise [ prasadp ]
            Resolution System Behaviour [ 10100 ]
            Status In Development [ 10007 ] Rejected [ 10004 ]
            prasadp Prasad Pise (Inactive) made changes -
            Link This issue relates to NF-2714 [ NF-2714 ]
            prasadp Prasad Pise (Inactive) made changes -
            Status Rejected [ 10004 ] Closed [ 6 ]
            prasadp Prasad Pise (Inactive) made changes -
            Module Parent values: BenAdmin(10100) Parent values: BenAdmin(10100)Level 1 values: Security(10112)
            prasadp Prasad Pise (Inactive) made changes -
            Status Closed [ 6 ] Reopen in Production [ 10027 ]
            prasadp Prasad Pise (Inactive) made changes -
            Assignee Prasad Pise [ prasadp ] Vijayendra Shinde [ ID10506 ]
            prasadp Prasad Pise (Inactive) made changes -
            Attachment ParameterURL.jpg [ 71722 ]
            prasadp Prasad Pise (Inactive) made changes -
            Bug Severity Medium [ 16702 ]
            Company All Clients/Multiple Clients [ 18434 ]
            Environment Pre Production [ 18470 ]
            Priority Highest [ 1 ] High [ 2 ]
            pratap.patil Pratap Patil (Inactive) made changes -
            Assignee Vijayendra Shinde [ ID10506 ] Pratap Patil [ pratap.patil ]
            pratap.patil Pratap Patil (Inactive) made changes -
            Status Reopen in Production [ 10027 ] In Development [ 10007 ]
            pratap.patil Pratap Patil (Inactive) made changes -
            Item State Parent values: Development(10200)Level 1 values: In Progress(10206)
            pratap.patil Pratap Patil (Inactive) made changes -
            Code Reviewed By Vijayendra Shinde [ 11901 ]
            pratap.patil Pratap Patil (Inactive) made changes -
            Item State Parent values: Development(10200)Level 1 values: In Progress(10206) Parent values: Development(10200)Level 1 values: Ready for Local Testing(10209)
            pratap.patil Pratap Patil (Inactive) made changes -
            Assignee Pratap Patil [ pratap.patil ] Prasad Pise [ prasadp ]
            khandu.kshirsagar Khandu Kshirsagar (Inactive) made changes -
            Item State Parent values: Development(10200)Level 1 values: Ready for Local Testing(10209) Parent values: LB QA(10201)Level 1 values: LB Deployed(11600)
            pratap.patil Pratap Patil (Inactive) made changes -
            Remaining Estimate 0h [ 0 ]
            Time Spent 5h [ 18000 ]
            Worklog Id 105454 [ 105454 ]
            prasadp Prasad Pise (Inactive) made changes -
            Status In Development [ 10007 ] Local Testing [ 10200 ]
            prasadp Prasad Pise (Inactive) made changes -
            Item State Parent values: LB QA(10201)Level 1 values: LB Deployed(11600) Parent values: LB QA(10201)Level 1 values: In Testing(10210)
            prasadp Prasad Pise (Inactive) made changes -
            Time Spent 5h [ 18000 ] 6h [ 21600 ]
            Worklog Id 105996 [ 105996 ]
            khandu.kshirsagar Khandu Kshirsagar (Inactive) made changes -
            Item State Parent values: LB QA(10201)Level 1 values: In Testing(10210) Parent values: Stage QA(10202)Level 1 values: Stage Deployed(11602)
            sachin.hingole Sachin Hingole (Inactive) made changes -
            Status Local Testing [ 10200 ] Stage Testing [ 10201 ]
            sachin.hingole Sachin Hingole (Inactive) made changes -
            Item State Parent values: Stage QA(10202)Level 1 values: Stage Deployed(11602) Parent values: Stage QA(10202)Level 1 values: In Testing(10214)
            prasadp Prasad Pise (Inactive) made changes -
            Time Spent 6h [ 21600 ] 6.5h [ 23400 ]
            Worklog Id 106091 [ 106091 ]
            komal.barde Komal Barde (Inactive) made changes -
            Time Spent 6.5h [ 23400 ] 13.5h [ 48600 ]
            Worklog Id 106153 [ 106153 ]
            khandu.kshirsagar Khandu Kshirsagar (Inactive) made changes -
            Item State Parent values: Stage QA(10202)Level 1 values: In Testing(10214) Parent values: LB QA(10201)Level 1 values: LB Deployed(11600)
            komal.barde Komal Barde (Inactive) made changes -
            Time Spent 13.5h [ 48600 ] 15.5h [ 55800 ]
            Worklog Id 106279 [ 106279 ]
            prasadp Prasad Pise (Inactive) made changes -
            Time Spent 15.5h [ 55800 ] 17.5h [ 63000 ]
            Worklog Id 106333 [ 106333 ]
            prasadp Prasad Pise (Inactive) made changes -
            Item State Parent values: LB QA(10201)Level 1 values: LB Deployed(11600) Parent values: LB QA(10201)Level 1 values: In Testing(10210)
            khandu.kshirsagar Khandu Kshirsagar (Inactive) made changes -
            Item State Parent values: LB QA(10201)Level 1 values: In Testing(10210) Parent values: Stage QA(10202)Level 1 values: Stage Deployed(11602)
            prasadp Prasad Pise (Inactive) made changes -
            Attachment EmpBen.jpg [ 73844 ]
            prasadp Prasad Pise (Inactive) made changes -
            Time Spent 17.5h [ 63000 ] 19.5h [ 70200 ]
            Worklog Id 106484 [ 106484 ]
            prasadp Prasad Pise (Inactive) made changes -
            Assignee Prasad Pise [ prasadp ] Komal Barde [ komal.barde ]
            sachin.hingole Sachin Hingole (Inactive) made changes -
            Resolution System Behaviour [ 10100 ] Unresolved [ 10200 ]
            Status Stage Testing [ 10201 ] Reopen in Stage [ 10023 ]
            sachin.hingole Sachin Hingole (Inactive) made changes -
            Item State Parent values: Stage QA(10202)Level 1 values: Stage Deployed(11602) Parent values: Stage QA(10202)Level 1 values: Re-open(10216)
            khandu.kshirsagar Khandu Kshirsagar (Inactive) made changes -
            Item State Parent values: Stage QA(10202)Level 1 values: Re-open(10216) Parent values: LB QA(10201)Level 1 values: LB Deployed(11600)
            pratap.patil Pratap Patil (Inactive) made changes -
            Assignee Komal Barde [ komal.barde ] Prasad Pise [ prasadp ]
            prasadp Prasad Pise (Inactive) made changes -
            Item State Parent values: LB QA(10201)Level 1 values: LB Deployed(11600) Parent values: LB QA(10201)Level 1 values: In Testing(10210)
            prasadp Prasad Pise (Inactive) made changes -
            Item State Parent values: LB QA(10201)Level 1 values: In Testing(10210) Parent values: LB QA(10201)Level 1 values: Ready for Stage(10213)
            khandu.kshirsagar Khandu Kshirsagar (Inactive) made changes -
            Item State Parent values: LB QA(10201)Level 1 values: Ready for Stage(10213) Parent values: Stage QA(10202)Level 1 values: Stage Deployed(11602)
            prasadp Prasad Pise (Inactive) made changes -
            Status Reopen in Stage [ 10023 ] In Development [ 10007 ]
            prasadp Prasad Pise (Inactive) made changes -
            Status In Development [ 10007 ] Local Testing [ 10200 ]
            prasadp Prasad Pise (Inactive) made changes -
            Status Local Testing [ 10200 ] Stage Testing [ 10201 ]
            prasadp Prasad Pise (Inactive) made changes -
            Item State Parent values: Stage QA(10202)Level 1 values: Stage Deployed(11602) Parent values: Stage QA(10202)Level 1 values: In Testing(10214)
            prasadp Prasad Pise (Inactive) made changes -
            Item State Parent values: Stage QA(10202)Level 1 values: In Testing(10214) Parent values: Stage QA(10202)Level 1 values: Production Deployment on Hold(10224)
            prasadp Prasad Pise (Inactive) made changes -
            Time Spent 19.5h [ 70200 ] 22.5h [ 81000 ]
            Worklog Id 106674 [ 106674 ]
            komal.barde Komal Barde (Inactive) made changes -
            Time Spent 22.5h [ 81000 ] 24.5h [ 88200 ]
            Worklog Id 106781 [ 106781 ]
            prasadp Prasad Pise (Inactive) made changes -
            Status Stage Testing [ 10201 ] Production Testing [ 10202 ]
            prasadp Prasad Pise (Inactive) made changes -
            Resolution Unresolved [ 10200 ] Bug Fixed [ 10402 ]
            Status Production Testing [ 10202 ] Production Complete [ 10028 ]
            prasadp Prasad Pise (Inactive) made changes -
            Time Spent 24.5h [ 88200 ] 26.5h [ 95400 ]
            Worklog Id 109208 [ 109208 ]
            prasadp Prasad Pise (Inactive) made changes -
            Status Production Complete [ 10028 ] Closed [ 6 ]
            vijayendra Vijayendra Shinde (Inactive) made changes -
            Link This issue relates to DEV-13718 [ DEV-13718 ]

              People

              Assignee:
              prasadp Prasad Pise (Inactive)
              Reporter:
              prasadp Prasad Pise (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:

                  Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0h
                  0h
                  Logged:
                  Time Spent - 26.5h
                  26.5h