highmed / highmed-dsf

HiGHmed Data Sharing Framework funded by the German Federal Ministry of Education and Research (BMBF, grant ids: 01ZZ1802E and 01ZZ1802A)
Apache License 2.0

Unauthorized Process Execution for Authenticated Organizations #406

Closed hhund closed 1 year ago

hhund commented 1 year ago

Affected Versions: <= 0.9.1

Description: Due to a flaw in the Task authorization rule, users authenticated via a valid client certificate from trusted certificate authorities and a corresponding entry in the local DSF allow-list are able to execute processes that should otherwise not be allowed via the ActivityDefinition authorization extension of the process.

Workaround: Disable access for untrusted organizations by setting Organization.active to false.

hhund commented 1 year ago

A fix for this issue is available via version 0.9.2.

Docker containers for the 0.9.2 release can be accessed via the GitHub Docker registry - ghcr.io:

hhund commented 1 year ago

POC: 38b1f24, Fix: b1546b8