Fixing Apigee Private Cloud v4.51 penetration test findings on Apigee Edge UI vulnerabilities

Dear All,

Below are a few of the vulnerabilities that were reported when we ran a vulnerability assessment on our 28-node topology Private Cloud instance.

These issues are not for the web service endpoints but rather the Edge UI login. Some of these issues might be closely associated with product configuration, so we would like to get your views on a few of the items.

We have some queries as given below.

Q1) For Apigee Edge UI Insecure Transport we need to set the cipher. Is there a configuration file to set the weak SSL cipher? For this we applied 'ELBSecurityPolicy-TLS13-1-2-2021-06' at the AWS NLB to fix it, but there is not a similar one for the ALB (this is used at the Edge UI). Though this is not an Apigee query per se, do let me know if you have tried some fix for ciphers in AWS ALB.

Q2) The logged-in user's email ID is present in the UI response. Is this working as per design, and I hope this is not exploitable? (Privacy Violation: Email Disclosure)

Q3) A Cookie Security: Cookie Not Sent Over SSL vulnerability has been found. Is there a way to further tighten the security?

Q4) The Cookie Security: Persistent Cookie vulnerability has shown that some of the cookies do not have Expires= information. Is there a way to enforce this attribute?

Q5) The Cross-Frame Scripting vulnerability has shown that a few options on frames have not been imposed. Is there a way to populate Origin and other methods along with the SameSite attribute for frames?

Q6) Is it possible to update the configuration for the session to get updated on logout, new session and other scenarios to avoid the session fixation attack? If not, is this a potential bug?

Q7) JavaScript Hijacking: the JSONP vulnerability is suggesting the use of POST methods for calls instead of the GET method, or tainting. Is it possible to take up this suggestion?

Q8) Setting Manipulation: Is there a way to see that the Character Set is enforced instead of allowing all the values?

Q9) HTML5: Form Validation Turned Off; can it be turned on?

Q10) Cache Management: Is it possible to turn off caching completely for request and response? Example: Cache-Control: no-cache="Set-Cookie".

Q11) The HTML5: Cross-Site Scripting Protection vulnerability has the view that "Add a configuration setting or a line of code that adds a response header or tag to set X-XSS-Protection with the value '1; mode=block'". Is it possible to incorporate the same?

Kindly help us with these queries. Happy to provide additional details that you may ask for, but I am not overloading this post with loads of information, to keep it short and crisp.

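As an added example (not part of this post, and not Apigee's own code), here is a small offline checker that reports which of the cookie- and header-level findings from Q3, Q4, Q5, Q10 and Q11 a given response would still trigger, so a fix can be verified before re-running the scanner; both sample responses are constructed, not captured Edge UI traffic.

```python
WEAK_RESPONSE = [  # constructed sample shaped like a UI login response
    ("Content-Type", "text/html; charset=utf-8"),
    ("Set-Cookie", "session=abc123; Path=/; HttpOnly"),
    ("Set-Cookie", "prefs=dark; Path=/; Expires=Wed, 01 Jan 2031 00:00:00 GMT; Secure"),
    ("Cache-Control", "public, max-age=600"),
]
HARDENED_RESPONSE = [  # the same constructed response with the findings addressed
    ("Content-Type", "text/html; charset=utf-8"),
    ("Set-Cookie", "session=abc123; Path=/; Secure; HttpOnly; SameSite=Strict"),
    ("Cache-Control", 'no-store, no-cache="Set-Cookie"'),
    ("X-Frame-Options", "DENY"),
    ("Content-Security-Policy", "frame-ancestors 'none'"),
    ("X-XSS-Protection", "1; mode=block"),  # legacy header; current browsers rely on CSP instead
]

def parse_set_cookie(value):
    """Split a Set-Cookie value into (cookie name, {attribute_lowercase: value})."""
    parts = [p.strip() for p in value.split(";")]
    name = parts[0].split("=", 1)[0]
    attrs = {}
    for part in parts[1:]:
        key, _, val = part.partition("=")
        attrs[key.strip().lower()] = val.strip()
    return name, attrs

def audit_response(headers):
    """Return scanner-style (finding, detail) tuples for a list of (header, value) pairs."""
    findings = []
    simple = {k.lower(): v for k, v in headers if k.lower() != "set-cookie"}
    for key, value in headers:
        if key.lower() != "set-cookie":
            continue
        name, attrs = parse_set_cookie(value)
        if "secure" not in attrs:
            findings.append(("Cookie not Sent Over SSL", name))
        if "httponly" not in attrs:
            findings.append(("Cookie readable by script", name))
        if "samesite" not in attrs:
            findings.append(("Cookie without SameSite", name))
        if "expires" in attrs or "max-age" in attrs:  # cookie survives browser close
            findings.append(("Persistent Cookie", name))
    csp = simple.get("content-security-policy", "")
    if "x-frame-options" not in simple and "frame-ancestors" not in csp:
        findings.append(("Cross-Frame Scripting", "no X-Frame-Options or frame-ancestors"))
    if simple.get("x-xss-protection", "").replace(" ", "") != "1;mode=block":
        findings.append(("Cross-Site Scripting Protection", "X-XSS-Protection is not '1; mode=block'"))
    if "no-store" not in simple.get("cache-control", "").lower():
        findings.append(("Cache Management", "Cache-Control lacks no-store"))
    return findings
```

Calling audit_response(WEAK_RESPONSE) lists eight findings, while audit_response(HARDENED_RESPONSE) returns an empty list; the same function can be pointed at the headers of a real Edge UI login response once the configuration has been changed.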