raft-tech / TANF-app

Repo for development of a new TANF Data Reporting System

Spike - Investigate/resolve Webinspect medium findings for April 2024 #2975

Open ADPennington opened 2 months ago

ADPennington commented 2 months ago

Description:

There are 3 medium findings in the April 2024 Webinspect scan located here :lock:. One is related to the session cookie and has already been addressed; the other 2 need review and potential remediation. If false positive, please document in raft's OneNote page linked above.

Acceptance Criteria: Create a list of functional outcomes that must be achieved to complete this issue

Tasks: Create a list of granular, specific work items that must be completed to deliver the desired outcomes of this issue

Notes: Add additional useful information, such as related issues and functionality that isn't covered by this specific issue, and other considerations that will be helpful for anyone reading this

Supporting Documentation: Please include any relevant log snippets/files/screen shots

Open Questions: Please include any questions or decisions that must be made before beginning work or to confidently call this issue complete

ADPennington commented 1 month ago

5/10/2024 update on checking if medium findings are reproducible:

  1. Insecure Deployment: OpenSSL

    • Webinspect recommendation was to check the OpenSSL version on the server. OpenSSL 0.9.8 SSL/TLS users should upgrade to 0.9.8za or later. OpenSSL 1.0.0 SSL/TLS users should upgrade to 1.0.0m or later. OpenSSL 1.0.1 SSL/TLS users should upgrade to 1.0.1h or later.
    • Result after checking the version on the backend: OpenSSL 3.0.2 15 Mar 2022 (Library: OpenSSL 3.0.2 15 Mar 2022). The issue appears to be a false positive.
  2. Insecure Transport: SSLv3/TLS Renegotiation Stream Injection

    • Webinspect recommendation is to use openssl to test connection renegotiation. The presumption is that if it fails, the server is vulnerable.
    • Result: The server employs TLS 1.3, which does not support the renegotiation feature available in older TLS versions (reference). Manual testing with openssl verified that the server correctly rejects renegotiation attempts, consistent with TLS 1.3 standards. The issue appears to be a false positive.
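The two checks described in the update above, written out as a small POSIX shell script so the triage can be repeated on the next scan. This is an added example, not code from the TANF-app repository or from the comment author. It assumes the `openssl version` string format shown in the comment, the scan's own upgrade thresholds (0.9.8za, 1.0.0m, 1.0.1h), and that `openssl s_client` output is captured from a command like `openssl s_client -connect HOST:443` (HOST is a placeholder); the sample outputs embedded below are constructed for illustration.

```shell
#!/bin/sh
# Reproduce the two medium-finding checks offline.
# Assumed input: the one-line output of `openssl version`, e.g.
#   "OpenSSL 3.0.2 15 Mar 2022"

# Returns 0 (affected) when the version is in one of the branches the
# finding targets AND is older than the fixed release named by the scan.
# Returns 1 for fixed releases and for branches outside the finding's scope.
openssl_is_affected() {
    printf '%s\n' "$1" | awk '
    {
        v = $2                                       # e.g. 0.9.8y, 1.0.1g, 3.0.2
        if (!match(v, /^[0-9]+\.[0-9]+\.[0-9]+/)) exit 2
        base   = substr(v, RSTART, RLENGTH)          # numeric branch, e.g. 1.0.1
        suffix = substr(v, RSTART + RLENGTH)         # letter suffix, e.g. g
        sub(/[^a-z].*$/, "", suffix)                 # drop trailers such as "-fips"
        fixed["0.9.8"] = "za"; fixed["1.0.0"] = "m"; fixed["1.0.1"] = "h"
        if (!(base in fixed)) exit 1                 # 1.0.2, 1.1.x, 3.x: out of scope
        f = fixed[base]
        # OpenSSL letter suffixes sort by length first (z < za), then lexically
        if (length(suffix) < length(f) ||
            (length(suffix) == length(f) && suffix < f)) exit 0
        exit 1
    }'
}

# Reads captured `openssl s_client` output on stdin and classifies the
# renegotiation finding. Returns 0 when the finding does not apply:
#   - TLS 1.3 negotiated: the protocol has no renegotiation at all.
#   - TLS <= 1.2 with RFC 5746 "Secure Renegotiation IS supported":
#     the stream-injection issue (CVE-2009-3555) is mitigated.
# Returns 1 when the session needs a manual look.
renegotiation_status() {
    out=$(cat)
    if printf '%s\n' "$out" | grep -q 'Protocol *: TLSv1\.3'; then
        echo "TLS 1.3 negotiated: renegotiation not part of the protocol; finding not applicable"
        return 0
    elif printf '%s\n' "$out" | grep -q 'Secure Renegotiation IS supported'; then
        echo "pre-1.3 session with RFC 5746 secure renegotiation; finding not applicable"
        return 0
    else
        echo "pre-1.3 session without secure renegotiation; review manually"
        return 1
    fi
}

# Constructed sample of the relevant lines from an s_client session (not a real capture).
SAMPLE_TLS13='New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384
Secure Renegotiation IS NOT supported
SSL-Session:
    Protocol  : TLSv1.3
    Cipher    : TLS_AES_256_GCM_SHA384'

# Constructed sample of an older TLS 1.2 session lacking the RFC 5746 extension.
SAMPLE_TLS12_NOSECURE='New, TLSv1.2, Cipher is ECDHE-RSA-AES256-GCM-SHA384
Secure Renegotiation IS NOT supported
SSL-Session:
    Protocol  : TLSv1.2'

# Stand-alone run: checks the version string from the comment and both samples.
if openssl_is_affected "OpenSSL 3.0.2 15 Mar 2022"; then
    echo "finding 1: version in affected range"
else
    echo "finding 1: version not in affected range (false positive)"
fi
printf '%s\n' "$SAMPLE_TLS13" | renegotiation_status
printf '%s\n' "$SAMPLE_TLS12_NOSECURE" | renegotiation_status || true
```

To use it against a live host, replace the constructed samples with `openssl version` run on the backend and the output of `openssl s_client -connect HOST:443 </dev/null`; the 3.x branch is not in the finding's scope, which is why the script reports the comment's version as a false positive rather than attempting a letter-suffix comparison.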