Support #13285
[SCP ID :##6486##] : VAPT Findings - BIF-102545 - Kelemahan Backdate - Create SLA Management
Status: | Closed - End of life cycle | Start date: | October 26, 2022 | |
---|---|---|---|---|
Priority: | Normal | Due date: | ||
Assignee: | Zahir Abd Latif | % Done: | 100% | |
Category: | - | Spent time: | - | |
Target version: | - |
Description
Hi,
Kindly attend below request:-
Deskripsi :
Pengujian pada aplikasi BIFAST menunjukan aplikasi memiliki kelemahan backdate terhadap fungsi create SLA Management
Situs Target :
https://10.170.136.228/bifast-portal/ss227/slaMgmtCreateConfirm.do
Rekomendasi :
Kami sarankan untuk implementasi verifikasi pada tanggal yang digunakan dalam fungsi untuk mencegah serangan backdate dan melakukan validasi terhadap fungsi date di sisi server bukan hanya pada sisi client
History
#1 Updated by Stephanie Sufrapto almost 2 years ago
- Status changed from New - Begin Life Cycle to User Acceptance Test
- Assignee set to Zahir Abd Latif
- % Done changed from 0 to 100
Provide patch Version 2.0.105 at 8 October 2022
#2 Updated by Zahir Abd Latif almost 2 years ago
- Status changed from User Acceptance Test to Closed - End of life cycle
Issue closed in SCP.