EC Service response on decryption or validation fails

EC-Release / sdk

The Agent SDK

Other

4 stars 7 forks source link

EC Service response on decryption or validation fails #122

Closed ramaraosrikakulapu closed 3 years ago

ramaraosrikakulapu commented 4 years ago

GE Digital Security Vulnerability Report [3702]

This is part of the security item or pen test result for EC product.

EC Service is sending EC_GRANT (“OK”) from the end point /v1beta/reports/usage endpoint even though agent sends invalid or wrong public key for validation.

ramaraosrikakulapu commented 3 years ago

Implemented and delivered part of Security Remediation Items project