[Bug] Case Template content mixed across organisations #2068

Closed
martinr103 opened this issue Jun 8, 2021 · 1 comment · Fixed by #2079
Labels: bug, priority:high (High Priority), TheHive4 (TheHive4 related issues)

Comments
martinr103 commented Jun 8, 2021

Request Type

Bug

Work Environment

OS version (server): Debian 10.3
TheHive version / git hash: 4.1.4
Package Type: Binary / in Docker
Database: Cassandra
Index type: Lucene
Attachments storage: Local

Problem Description

Multi-Tenancy issue observed.

We have several organizations in TH.
We also have a set of case templates under each organization (the same templates [same names] exist under each organization).
The case templates include a few custom fields. One of the fields is called "customer_contact" and contains a certain email address. Obviously, the value of that custom field is specific depending on the Organization.
(i.e. let's say, as an example, we have
Org-A : template "case_template_1" : custom field "customer contact" = "[email protected]"
Org-B : template "case_template_1" : custom field "customer contact" = "[email protected]")
Based on the customer_contact field, external communication to the customer may be done, if necessary.

Now, just today I noticed the issue, that a newly created Case under Organization-A had the custom field "customer_contact" populated with the Organization-B contact !!
This is of course absolutely fatal, as the analysts most probably won't notice a wrong value there, and that may lead to cross-customer data contamination.

Steps to Reproduce

  1. under two organizations, prepare a case template with the same template-name under each org
  2. add a custom field in both templates, populate the custom field with different values under org-A and under org-B
  3. create an alert via API, specifying "X-Organisation" Header of organization A (payload of the createAlert API contains the template-name created in step 1)
  4. promote the alert to Case via API, specifying "X-Organisation" Header of organization A (payload of the createCase API also contains the template-name as created in step 1)
  5. check if the custom field in the newly created case contains the template value from org-A or org-B
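The failure described in this report is a tenant-isolation bug in template resolution: a template is looked up by name only, so the organisation of the caller does not constrain which template is returned. The following Python model is an added illustration of that bug class and of the scoped lookup that prevents it; it is not TheHive's code, and the store classes, organisation names and contact addresses are constructed for the example.

```python
"""Tenant-scoped lookup of case templates (added illustration, not TheHive code).

Models the bug reported above: a template store indexed by name alone lets the
organisation that wrote last win, so a case created for org-a receives org-b's
custom-field value. Keying the store by (organisation, name) and requiring the
caller's organisation on every lookup keeps tenants apart.
"""
from dataclasses import dataclass, field
from typing import Dict, Iterable, Optional, Tuple


@dataclass
class CaseTemplate:
    organisation: str
    name: str
    custom_fields: Dict[str, str] = field(default_factory=dict)


class NameKeyedStore:
    """Vulnerable pattern: templates indexed by template name only."""

    def __init__(self) -> None:
        self._by_name: Dict[str, CaseTemplate] = {}

    def add(self, tpl: CaseTemplate) -> None:
        # A second organisation using the same template name silently overwrites the first.
        self._by_name[tpl.name] = tpl

    def find(self, organisation: str, name: str) -> Optional[CaseTemplate]:
        # The caller's organisation is ignored, so whichever tenant wrote last wins.
        return self._by_name.get(name)


class OrgScopedStore:
    """Hardened pattern: the organisation is part of the key and required on lookup."""

    def __init__(self) -> None:
        self._by_key: Dict[Tuple[str, str], CaseTemplate] = {}

    def add(self, tpl: CaseTemplate) -> None:
        self._by_key[(tpl.organisation, tpl.name)] = tpl

    def find(self, organisation: str, name: str) -> Optional[CaseTemplate]:
        if not organisation:
            # Fail closed: no implicit "default" tenant.
            raise ValueError("organisation is required for template lookup")
        return self._by_key.get((organisation, name))


def create_case(store, organisation: str, template_name: str) -> Dict[str, str]:
    """Model of promoting an alert to a case for one organisation: copy the template's custom fields."""
    tpl = store.find(organisation, template_name)
    if tpl is None:
        raise LookupError(f"no template {template_name!r} for {organisation!r}")
    return dict(tpl.custom_fields)


def seed(store) -> None:
    """Constructed sample data mirroring the report: same template name, different contacts."""
    store.add(CaseTemplate("org-a", "case_template_1", {"customer_contact": "contact-a@example.com"}))
    store.add(CaseTemplate("org-b", "case_template_1", {"customer_contact": "contact-b@example.com"}))


def contact_for(store_cls, organisation: str) -> str:
    """Seed a fresh store of the given class and return the contact a new case for `organisation` gets."""
    store = store_cls()
    seed(store)
    return create_case(store, organisation, "case_template_1")["customer_contact"]


def templates_isolated(store, organisations: Iterable[str], template_names: Iterable[str]) -> bool:
    """Regression check: every resolved template must belong to the organisation that asked for it."""
    for org in organisations:
        for name in template_names:
            tpl = store.find(org, name)
            if tpl is not None and tpl.organisation != org:
                return False
    return True


if __name__ == "__main__":
    print("name-keyed store, org-a ->", contact_for(NameKeyedStore, "org-a"))  # org-b's contact leaks
    print("org-scoped store, org-a ->", contact_for(OrgScopedStore, "org-a"))
```

The `templates_isolated` check is the kind of test worth keeping in a suite after a fix like #2079: it walks every organisation and template name and fails as soon as a lookup returns a template owned by another tenant, which is exactly the condition step 5 of the reproduction checks by hand.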
martinr103 (Author) commented

Thanks a lot guys !!

To-om added a commit that referenced this issue Jun 11, 2021
#2068 Fix issue where case templates are mixed between orgs
To-om closed this as completed Jun 11, 2021