Comments (5)
can lead to break of file confidentiality inside a platform
from connectors.
Issue reproduced. On it.
Before validating the workbench on the empty report
After validation: I see the txt file added
from connectors.
The issue seems to be happening in the importdocument connector: the connector seems to keep in memory the last uploaded file (global import), and adds it to the report bundle. I suspect this part of the code:
```python
if data["file_id"].startswith("import/global"):
    file_data = open(file_name, "rb").read()
    file_data_encoded = base64.b64encode(file_data)
    self.file = {
        "name": data["file_id"].replace("import/global/", ""),
        "data": file_data_encoded,
        "mime_type": "application/pdf",
    }
```
Then this self.file is used here:
```python
entity_stix["x_opencti_files"] = (
    [self.file] if self.file is not None else []
)
```
This connector has been updated recently, I'm not sure yet how to fix this behavior @richard-julien @SamuelHassine
=> Actually I might have a fix, opening PR soon
from connectors.
PR open here in connectors: #2141
from connectors.
To be precise about the issue: the report will contain the last uploaded file from global import, not a random one. To reproduce, you need to first upload a file (import global), import it to create a workbench, then import a file in a report and create a workbench from this report; when validating this report workbench, it will add to the report the last uploaded file in global.
from connectors.
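The behaviour described in the thread, reduced to a stand-alone added example (not the connector's code and not the change made in the PR): a long-lived object that stores the attachment on `self` reuses it for the next message, while a per-message local variable does not. The class names, `replay_names`, the `__init__` default, the file ids and the file contents are constructed assumptions for illustration.

```python
import base64

GLOBAL_PREFIX = "import/global/"  # prefix taken from the snippet quoted in the thread


def _attachment(file_id, content):
    # Build the file entry the same way the quoted snippet does (mime type omitted).
    return {"name": file_id.replace(GLOBAL_PREFIX, ""), "data": base64.b64encode(content)}


class LeakyImporter:
    """Hypothetical reduction: the attachment is stored on the instance."""

    def __init__(self):
        self.file = None  # assumption: set once, when the worker starts

    def process(self, data, content):
        if data["file_id"].startswith(GLOBAL_PREFIX):
            self.file = _attachment(data["file_id"], content)
        # For a non-global message, self.file still holds the previous upload.
        return [self.file] if self.file is not None else []


class ScopedImporter:
    """Hypothetical hardened form: the attachment never outlives one message."""

    def process(self, data, content):
        file = None  # rebuilt for every message
        if data["file_id"].startswith(GLOBAL_PREFIX):
            file = _attachment(data["file_id"], content)
        return [file] if file is not None else []


def replay_names(importer):
    """Replay the order from the thread: a global import, then a report import."""
    messages = [  # constructed sample messages
        ({"file_id": "import/global/secret.txt"}, b"constructed global upload"),
        ({"file_id": "import/Report/1234/notes.txt"}, b"constructed report upload"),
    ]
    return [[f["name"] for f in importer.process(d, c)] for d, c in messages]


if __name__ == "__main__":
    print("leaky :", replay_names(LeakyImporter()))
    print("scoped:", replay_names(ScopedImporter()))
```

A regression test for this class of bug replays two messages through the same importer instance and asserts that the second bundle carries no file from the first.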