ARD Hub 3.4 - Penetration Testing Security Concerns

Article ID: 370852

Products

CA Agile Requirements Designer

Issue/Introduction

Our Security team performed penetration testing and reported the following concerns regarding the Agile Requirements Designer Hub release 3.4.

  1. [MULTI QA] Multiple SSL/TLS Issues - the security team identified multiple issues related to Transport Layer Security, listed below:
    • Obsolete CBC ciphers offered
      • Risk - Low-quality cipher suites should not be offered because of their inherent weaknesses: 64-bit block ciphers (3DES/DES/RC2/IDEA), suites with known cryptographic weaknesses such as RC2/RC4, and obsolete CBC-mode suites, which are exposed to padding-oracle and timing attacks.
      • Security Team Recommendation - Ensure older and obsolete cipher suites, including CBC-mode suites, are not offered; prefer AEAD suites (AES-GCM, ChaCha20-Poly1305).

    • OCSP Stapling Not Configured
      • Risk - Without stapling, each client must query the CA's OCSP responder itself to learn whether the server certificate has been revoked. Many clients soft-fail that lookup (accepting the certificate when the responder is unreachable), so a revoked certificate may still be trusted, and the lookup also reveals to the CA which sites the client visits.
      • Security Team Recommendation - Enable OCSP stapling so the server fetches a signed, time-stamped OCSP response from the CA and presents it in the TLS handshake, giving clients a real-time revocation status without a separate lookup.

    • LUCKY13 (CVE-2013-0169)
      • Risk - LUCKY13 (CVE-2013-0169) is a padding-oracle style attack that exploits a timing side channel in the MAC check of CBC-mode cipher suites in SSLv3 and TLS 1.0 through 1.2. Successful exploitation lets an attacker recover plaintext from the encrypted session.
      • Security Team Recommendation - Apply any outstanding security patches to the TLS implementation and disable cipher suites with known vulnerabilities; in particular, disable all suites using CBC (cipher block chaining) mode.

  2. [WEB] Information Disclosure: Cookie Contents - the security team observed that the cookies sent by the web application following a successful login disclose the hostname of the server:
    • AUTH_SESSION_ID_LEGACY cookie
    • AUTH_SESSION_ID cookie
      • Risk - An attacker who compromises a machine that has been used to access the web application could obtain information (here, the internal hostname) that assists in planning further attacks against the application itself.
      • Security Team Recommendation - Modify the web application so that successful authentication results in a cookie containing only an opaque session identifier rather than additional sensitive details.
  3. [WEB] Insecure Cookie Attribute Configuration - The security team identified that the application's session cookies were not using modern security attributes. The following cookies were missing them:
    • AUTH_SESSION_ID_LEGACY
    • JSESSIONID
    • KEYCLOAK_IDENTITY_LEGACY
    • AUTH_SESSION_ID
    • KEYCLOAK_IDENTITY
      • Risk - HTTP cookies containing sensitive information were identified as being at risk of disclosure to unauthorized third parties. This issue is due to the absence of security attributes on each cookie, which lets an attacker obtain the cookies under certain scenarios, such as a plain-HTTP request to the same host or a cross-site request that carries them.
      • Security Team Recommendation - Sensitive application cookies should include appropriate security attributes to protect them from unauthorized disclosure. Follow these guidelines when setting cookies to minimize exposure to unauthorized parties:
        • Include the “Secure” attribute on cookies that must not travel over unencrypted HTTP (non-TLS) connections. This is especially important for cookies containing sensitive data such as authentication and/or session tokens.
        • Use the “SameSite” attribute to limit exposure to cross-site request forgery attacks.

Review the cookies identified above to determine whether the noted security attributes can be added to further protect them from unauthorized disclosure.

Environment

Agile Requirements Designer - ARD Hub 3.4

Resolution

The ARD Software Development team reviewed the reported security concerns and provided the following feedback:

  1. [MULTI QA] Multiple SSL/TLS Issues

    • Obsolete CBC ciphers offered
      • ARD L2 recommendation - To ensure that Keycloak negotiates only TLS 1.3 and TLS 1.2, set the "https-protocols" property in the "keycloak.conf" file. Note that TLS 1.2 still defines CBC suites, so restricting the protocol alone does not remove them; the allowed suite list is controlled separately by Keycloak's "https-cipher-suites" property, which should contain only AEAD (GCM/ChaCha20) suites.

        Example:
        https-protocols=TLSv1.3,TLSv1.2

    • OCSP Stapling Not Configured
      • ARD L2 recommendation - To enable OCSP stapling in Apache, you typically need the following directives. "SSLStaplingCache" is a server-level directive and must appear outside any "VirtualHost" block; "SSLUseStapling" goes in the TLS "VirtualHost" configuration.

        SSLStaplingCache "shmcb:/path/to/cache_file(128000)"
        SSLUseStapling on

        Replace "/path/to/cache_file" with an appropriate path on your server. The Apache host must be able to reach the OCSP responder URL in the certificate's Authority Information Access extension; otherwise no response can be fetched and nothing is stapled.

    • LUCKY13 (CVE-2013-0169) Timing side-channel TLS MAC calculations attack
      • ARD L2 finding - The investigation indicates this is likely a false positive: ARD does not use OpenSSL, OpenJDK versions below 1.8, or PolarSSL, which are the implementations known to be vulnerable. More information is needed from the client about which APIs or endpoints reported the issue. Note that scanners commonly raise LUCKY13 whenever CBC-mode suites are offered, so removing those suites as described under the first item above should also clear this finding.

  2. [WEB] Information Disclosure: Cookie Contents

    • ARD L2 Recommendation - To address the cookies disclosing the hostname of the server, configure the "Domain" attribute in the "keycloak.conf" file. Because the Domain attribute only scopes which hosts the browser sends the cookie to, confirm after the change that the cookie values themselves no longer contain the hostname.

      Example:
      cookies.domain=your-domain.com
      session.cookie.domain=your-domain.com
      legacy.session.cookie.domain=your-domain.com

  3. [WEB] Insecure Cookie Attribute Configuration

    • ARD L2 Recommendation - Ensure that the "Secure" and "SameSite" attributes in the "keycloak.conf" file are set for the cookies listed above. You can choose "Strict", "Lax", or "None" depending on your requirements: "Strict" withholds the cookie on every cross-site request, including the top-level redirect back from an identity provider, so test the login flow before deploying it; "None" is only honoured by browsers when "Secure" is also set.

      Example:
      cookies.secure=true
      cookies.same-site=Strict
      session.cookie.secure=true
      session.cookie.same-site=Strict
      legacy.session.cookie.secure=true
      legacy.session.cookie.same-site=Strict
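
The following shell script is an added example, not ARD, Broadcom or Keycloak code. It verifies the three findings from the Issue section after the Resolution changes above have been applied: it enumerates the TLS 1.2 suites the server still accepts and flags any non-AEAD (CBC/RC4) suite, checks for a stapled OCSP response, and inspects Set-Cookie headers both for the missing attributes and for a hostname inside the cookie value. ARD_HOST, ARD_PORT, ARD_LOGIN_URL and the sample inputs are assumptions; each check is a function that reads captured text on stdin, so saved scanner or curl output can be checked offline, and the capture_* helpers fetch that text from the live host.

```shell
#!/bin/sh
# Added example, not ARD/Broadcom/Keycloak code. Each check reads captured
# text on stdin; the capture_* helpers fetch that text from the live host.
# ARD_HOST, ARD_PORT and ARD_LOGIN_URL are assumed names.

HOST="${ARD_HOST:-ardhub.example.com}"              # assumed hostname
PORT="${ARD_PORT:-443}"
LOGIN_URL="${ARD_LOGIN_URL:-https://$HOST:$PORT/}"  # assumed login entry point

# --- Finding 1a/1c: obsolete CBC suites, LUCKY13 ---------------------------
# In TLS 1.2 every suite without an AEAD marker (GCM, CCM, CHACHA20) is either
# CBC-mode (the LUCKY13 target) or an RC4/NULL/export relic, so the post-fix
# check is "no negotiable suite lacks an AEAD marker". Handles IANA names
# (TLS_RSA_WITH_AES_128_CBC_SHA) and OpenSSL names (AES128-SHA, DES-CBC3-SHA).
# Input: one suite name per line. Output: the offending suites.
non_aead_suites() {
    grep -Eiv 'GCM|CCM|CHACHA20' || true
}

# Live enumeration: offer each TLS 1.2 suite OpenSSL knows, one at a time, and
# print the ones the server accepts (OpenSSL 1.1.1+ for "ciphers -s").
capture_tls12_suites() {
    for suite in $(openssl ciphers -s -tls1_2 'ALL:COMPLEMENTOFALL' | tr ':' ' '); do
        if openssl s_client -connect "$HOST:$PORT" -servername "$HOST" \
                -tls1_2 -cipher "$suite" </dev/null >/dev/null 2>&1; then
            printf '%s\n' "$suite"
        fi
    done
}

# --- Finding 1b: OCSP stapling --------------------------------------------
# Input: output of "openssl s_client -status". Returns 0 only when a stapled
# response was sent, parsed and reports the certificate as good; an
# unconfigured server prints "OCSP response: no response sent" instead.
ocsp_stapled() {
    out=$(cat)
    printf '%s\n' "$out" | grep -q 'OCSP Response Status: successful' &&
        printf '%s\n' "$out" | grep -q 'Cert Status: good'
}

capture_ocsp() {
    openssl s_client -connect "$HOST:$PORT" -servername "$HOST" -status \
        </dev/null 2>/dev/null
}

# --- Findings 2/3: cookie contents and attributes --------------------------
# Input: raw response header lines (curl -D -). Prints one line per Set-Cookie
# lacking Secure, HttpOnly or SameSite (HttpOnly is an extra check beyond the
# two attributes in the report). The value is cut off before matching so an
# attribute name inside a value cannot mask its absence; the attribute list is
# wrapped in ";" with spaces/CRs removed and lower-cased so matching is exact.
cookie_missing_attrs() {
    grep -i '^set-cookie:' | while IFS= read -r line; do
        name=$(printf '%s' "$line" | sed 's/^[^:]*:[[:space:]]*//; s/=.*//')
        attrs=";$(printf '%s' "${line#*;}" | tr -d ' \r' | tr '[:upper:]' '[:lower:]');"
        missing=""
        case "$attrs" in *";secure;"*) ;; *) missing="$missing Secure" ;; esac
        case "$attrs" in *";httponly;"*) ;; *) missing="$missing HttpOnly" ;; esac
        case "$attrs" in *";samesite="*) ;; *) missing="$missing SameSite" ;; esac
        if [ -n "$missing" ]; then printf '%s missing:%s\n' "$name" "$missing"; fi
    done
}

# Finding 2: print the names of cookies whose value contains the server's
# hostname or its first label (e.g. a node-name suffix after the session id).
cookies_containing_host() {
    host=$(printf '%s' "$1" | tr '[:upper:]' '[:lower:]')
    short=${host%%.*}
    grep -i '^set-cookie:' | while IFS= read -r line; do
        name=$(printf '%s' "$line" | sed 's/^[^:]*:[[:space:]]*//; s/=.*//')
        value=${line#*=}; value=${value%%;*}
        value=$(printf '%s' "$value" | tr '[:upper:]' '[:lower:]')
        case "$value" in *"$host"*|*"$short"*) printf '%s\n' "$name" ;; esac
    done
}

capture_login_headers() {
    curl -sk -o /dev/null -D - "$LOGIN_URL"
}

# Run all live checks: ./ard_hub_checks.sh live   (needs network access)
if [ "${1:-}" = "live" ]; then
    echo "== TLS 1.2 non-AEAD suites still negotiable (expect none) =="
    capture_tls12_suites | non_aead_suites
    echo "== OCSP stapling =="
    if capture_ocsp | ocsp_stapled; then echo "stapled: good"; else echo "NOT stapled"; fi
    hdrs=$(capture_login_headers)
    echo "== cookies missing attributes (expect none) =="
    printf '%s\n' "$hdrs" | cookie_missing_attrs
    echo "== cookies whose value contains the hostname (expect none) =="
    printf '%s\n' "$hdrs" | cookies_containing_host "$HOST"
fi
```

Run it with `live` after the keycloak.conf and Apache changes: all four sections should print nothing but "stapled: good". Saved output from the original pentest (a cipher list, an `s_client -status` transcript, a header dump) can be piped into the individual functions to confirm that the script reproduces each finding before the fix.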