Feature #278: [Security Audit Round 2 ] Sensitive Data Passed Through URL Parameters (Repeated) - E-Arogya - Redmine

Actions

Copy link

Feature #278

open

Feature #235: [Security Audit Round 2 ]

[Security Audit Round 2 ] Sensitive Data Passed Through URL Parameters (Repeated)

Added by Kalyan Battula 12 months ago. Updated 11 months ago.

Status:

Ready for Prod

Priority:

High

Assignee:

Pavan kumar Siddamsetti

Category:

Target version:

Security Audit

Start date:

01/05/2024

Due date:

% Done:

Estimated time:

Deployed In:

Category:

Description

Sensitive Data Passed Through URL Parameters
observation : Repeated
CWE : CWE-598
Description :
The web application uses the HTTP GET method to process a request and includes
sensitive information in the query string of that request.
Affected Path(s) :
https://his-healthidservice.satragroup.in/abdm/isAvailable/customHealthId/srinuks.1 *-Applicable to entire
application
Impact :
This allows attackers to obtain sensitive data such as usernames, passwords, tokens
(authX), database details, and any other potentially sensitive data. Simply using HTTPS
does not resolve this vulnerability.
Evidence/Proof Of Concept :
Step 1: ABHA Username Passed Through URL as shown in below screenshot.

Step 2: Functionality issue

Recommendation :
When sensitive information is sent, use the POST method (e.g. registration form, login
form, etc.).

Files

Download all files

clipboard-202405011315-5lepq.png (35.6 KB) clipboard-202405011315-5lepq.png		Kalyan Battula, 01/05/2024 01:15 PM
clipboard-202405011316-jnjpt.png (76.4 KB) clipboard-202405011316-jnjpt.png		Kalyan Battula, 01/05/2024 01:16 PM