Detect log injection

Description

AS A Security Specialist
I WANT TO detect log entries that do not match the expected log structure
SO THAT I can detect log injections

Why is this important?

The risks of log injection often do not receive proper attention. Log injection gives bad actors an entry point to cause problems whose root cause is very hard to detect.

Because the Messaging BB is one of the core components for providing reliable end-to-end service, improper actions and undetected attacks could cause a lot of harm. For example, an attacker could send, within a short time period, seemingly trusted messages telling End Clients to check for relevant data at some hospital. This would be a very effective DDoS attack, because it would overload the hospital's IT systems while the hospital would be unable to stop it by blocking a limited number of request sources.

Scope

Custom developments are needed.
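
One shape such a custom check could take, as an added example that is not part of the original ticket or the project's code: each raw log line is validated against a strict record pattern, and lines that break the structure or carry control characters are reported. The record layout, the `messaging-bb` component name and the sample lines are assumptions constructed for illustration.

```python
import re

# Assumed layout (hypothetical, not defined in the ticket):
#   <UTC timestamp> <LEVEL> <component> <message>
RECORD = re.compile(
    r"\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}Z "
    r"(?:DEBUG|INFO|WARN|ERROR) "
    r"[a-z][a-z0-9-]{0,31} "
    r"[^\x00-\x1f\x7f]{1,512}"
)
# Any control character inside a record is treated as suspicious.
CONTROL = re.compile(r"[\x00-\x1f\x7f]")

# Constructed sample: line 3 is what remains when a user-supplied value
# containing a newline is written unescaped; line 4 carries a stray CR.
SAMPLE = (
    "2023-08-04T05:41:00Z INFO messaging-bb message queued id=1001\n"
    "2023-08-04T05:41:02Z WARN messaging-bb delivery failed for user=alice\n"
    "delivery succeeded for user=admin\n"
    "2023-08-04T05:41:03Z INFO messaging-bb retry scheduled\r id=1001\n"
    "2023-08-04T05:41:05Z INFO messaging-bb message delivered id=1001\n"
)


def find_malformed(raw):
    """Return (line_number, reason, line) for every record that fails the check."""
    findings = []
    # Split on LF only: str.splitlines() would also split on CR and other
    # separators and hide exactly the characters we want to flag.
    lines = raw.split("\n")
    if lines and lines[-1] == "":
        lines.pop()  # trailing newline at end of file
    for no, line in enumerate(lines, start=1):
        if CONTROL.search(line):
            findings.append((no, "control character", line))
        elif not RECORD.fullmatch(line):
            findings.append((no, "structure mismatch", line))
    return findings


if __name__ == "__main__":
    for no, reason, line in find_malformed(SAMPLE):
        print(f"line {no}: {reason}: {line!r}")
```

A line forged to match the layout exactly passes this check, so it complements rather than replaces neutralising CR/LF in untrusted values when the entry is written.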

Created August 4, 2023 at 5:41 AM
Updated August 4, 2023 at 3:27 PM