Added Template to detect Exposed Instances of RLOS Cabinet Management Panel #10387
Template / PR Information
Description: Retail Loan Origination Systems, developed by NewGen Software, is used to streamline consumer loan origination for banking institutions, with end-to-end automation of loan requests in a paperless environment. A Cabinet Panel is used by an RLOS Service to manage storage volumes, which in turn store documents containing customer PII submitted through the webapp. The RLOS Web Application is deployed on a special service subdomain of the client's domain infrastructure, with the suffix "rlos" (for example, rlos.company_domain.com). The path to the Cabinet Storage is omniapp/pages/cabinet/managecabinet.jsf?Action=1. If exposed, it gives an attacker insight into information such as Storage Volume Name, Cabinet Name, its alias, Deployed AppServer IP Address and Port.
Impact: An attacker can deploy foreign application server instances on the panel using breached credentials for the subdomain, access information about the volume storage and escalate the misconfiguration by de-registering existing storage systems, so as to route all documents submitted through the platform to an adversary-controlled application server, potentially leading to further compromise.
Template Validation
I've validated this template locally?
Additional Details (leave it blank if not applicable)
Additional References:
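For readers who want to see what a detection template for this exposure looks like in nuclei's format, here is an added example; it is not the template submitted in this PR and not NewGen's or ProjectDiscovery's code. It requests the cabinet-management path named in the description against a host you own or are authorised to assess, and flags the panel as exposed only when the response is a 200 and the body carries the panel's own vocabulary. The `id`, `author`, `severity` and the matcher words (`Cabinet`, `Volume`) are assumptions chosen for this example, since the PR's actual matchers are not shown on the page.

```yaml
# Added example nuclei template (assumed values; not the PR's own template).
id: rlos-cabinet-panel-exposure   # assumed id

info:
  name: NewGen RLOS Cabinet Management Panel - Exposure
  author: example-author          # assumed
  severity: medium                # assumed; adjust to your risk rating
  description: |
    Detects an unauthenticated reachable RLOS Cabinet Management Panel
    (omniapp/pages/cabinet/managecabinet.jsf?Action=1). An exposed panel
    reveals storage volume and cabinet names, aliases, and the deployed
    application server IP and port.
  tags: newgen,rlos,panel,exposure,misconfig

http:
  - method: GET
    path:
      # Path taken from the PR description; {{BaseURL}} is the target you supply.
      - "{{BaseURL}}/omniapp/pages/cabinet/managecabinet.jsf?Action=1"

    # Both matchers must hit, so a generic 200 landing page does not fire.
    matchers-condition: and
    matchers:
      - type: status
        status:
          - 200

      # Assumed body markers: terms the panel is described as displaying.
      - type: word
        part: body
        condition: and
        words:
          - "Cabinet"
          - "Volume"
```

Run it with `nuclei -t rlos-cabinet-panel-exposure.yaml -u https://rlos.example-company.test` (a constructed hostname) against an asset inventory of your own `rlos.` subdomains; a hit means the panel is reachable without the authentication gate it should sit behind, and the remediation is to restrict the path to the internal network or an authenticated session rather than to tune the template.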