[Bug] Cases owned by non-linked organisations visible to all organisations, potential data leakage #1427

Closed
shortstack opened this issue Jul 8, 2020 · 3 comments

@shortstack

Cases owned by non-linked organisations visible to all organisations, potential data leakage

Request Type

Bug

Work Environment

| Question | Answer |
|---|---|
| OS version (server) | Ubuntu 16 |
| OS version (client) | Any |
| TheHive version / git hash | 4.0.0-RC2-1 |
| Package Type | deb |
| Browser type & version | Chrome/FF |

Problem Description

When merging alerts into a case, all similar cases for all organisations are displayed, despite the fact that those cases have not been shared with the organisation and the organisations aren't even linked. This raises an issue with multi-tenancy and creates room for data leakage. Case titles could contain information that should not be shared between tenants.

Steps to Reproduce

  1. Create alert
  2. Click "Merge into Case"
  3. Similar cases displays all similar cases from all organisations

Possible Solutions

List of similar cases that gets populated when merging an alert or case should only display alerts and cases owned by that organisation, or linked organisations, not all.

@shortstack shortstack added TheHive4 TheHive4 related issues bug labels Jul 8, 2020
@nadouani nadouani added this to the 4.0.0 milestone Jul 9, 2020
@nadouani nadouani self-assigned this Jul 9, 2020
@nadouani
Contributor

nadouani commented Jul 9, 2020

Hello, thanks @shortstack this is gonna be fixed ;)

@nadouani
Contributor

nadouani commented Jul 9, 2020

@shortstack fixed :)

@nadouani nadouani closed this as completed Jul 9, 2020
@shortstack
Author

amazing! thank you @nadouani !

To-om added a commit that referenced this issue Jul 9, 2020
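The tenancy problem reported in this issue, as an added example that is not part of the original thread and is not TheHive's code: a similar-case lookup that ignores the requesting organisation, next to one that filters by visibility before ranking. The `Case` model, the function names, and the rule that a case is visible to its owner and to organisations it was explicitly shared with are assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Case:
    case_id: int
    title: str
    owner_org: str
    observables: frozenset
    shared_with: frozenset = frozenset()  # orgs the owner explicitly shared with

def visible_to(case, org):
    """Tenancy rule assumed here: own cases plus cases explicitly shared with org."""
    return case.owner_org == org or org in case.shared_with

def _rank(alert_observables, cases):
    """Order cases by number of observables in common with the alert, dropping non-matches."""
    scored = [(len(c.observables & alert_observables), c) for c in cases]
    ordered = sorted(scored, key=lambda s: (-s[0], s[1].case_id))
    return [c for score, c in ordered if score]

def similar_cases_unscoped(alert_observables, cases, org):
    """Behaviour reported in the issue: org is ignored, every tenant's cases can match."""
    return _rank(alert_observables, cases)

def similar_cases(alert_observables, cases, org):
    """Scoped lookup: apply the visibility filter before similarity is computed."""
    return _rank(alert_observables, [c for c in cases if visible_to(c, org)])

def titles(result):
    return [c.title for c in result]

# Constructed sample data: three hypothetical tenants, none of them real.
CASES = [
    Case(1, "Phishing wave", "org-a", frozenset({"evil.example", "198.51.100.7"})),
    Case(2, "Payroll fraud at org-b", "org-b", frozenset({"evil.example"})),
    Case(3, "Shared intel case", "org-c", frozenset({"198.51.100.7"}),
         frozenset({"org-a"})),
]
ALERT = frozenset({"evil.example", "198.51.100.7"})

if __name__ == "__main__":
    print("unscoped:", titles(similar_cases_unscoped(ALERT, CASES, "org-a")))
    print("scoped:  ", titles(similar_cases(ALERT, CASES, "org-a")))
```

A regression test for this class of bug asserts that no title owned by an unrelated organisation appears in another tenant's result, since the title alone is the leaked data described above.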