[ST-114] Insufficient Email Authorization Controls - Workterra Jira

XML

Word

Printable

Details

Type: Change Request
Status: Closed
Priority: Medium
Resolution: Done
Component/s: BenAdmin
Labels:
- Security

Module:
BenAdmin - Security
Reported by:
Support
Item State:
Production Complete - Closed
Issue Importance:
Must Have
Sprint:
ST Sprint 2

Description

Vulnerability Description:
WORKTERRA provides an interface for sending emails to administrators and WORKTERRA's customer support system. The backend does not rate-limit or validate the destination of these emails.

Impact:
A malicious user could use WORKTERRA servers as a spam delivery platform.

Verification and Attack Information:
Praetorian verified this finding by intercepting requests to the endpoint responsible for sending emails. A malicious user can modify the destination email address to any email address. Additionally, there are no controls in place to the number of emails sent within a given time frame. This finding was demonstrated by sending 50 emails to a test email account. The figure below shows that the emails are originating from WORKTERRA IP addresses.

Recommendation:
Validate the email's destination address on the server-side. Additionally, WORKTERRA should limit the number of emails that a user can send per-minute.

Attachments

Options
- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List
- Download All

Attachments

Error Log.txt
2 kB
20/Sep/16 06:36 AM
server_error.png
194 kB
22/Jun/16 12:03 PM

Issue Links

relates to

ST-211 Restrict domain user for emails

Closed

Activity

People

Assignee:: Rashmita Dudhe (Inactive)

Reporter:: Vijayendra Shinde (Inactive)

Developer:: Niteen Surwase (Inactive)

Votes:: 0 Vote for this issue

Watchers:: 6 Start watching this issue

Dates

Created:: 04/Apr/16 12:03 PM

Updated:: 21/Dec/16 02:18 PM

Resolved:: 23/Nov/16 12:57 PM

Production Due Date:: 21/Jun/2016