- Type: Bug
- Resolution: Unresolved
- Priority: Blocker
- Affects Version/s: 3.4.0
- Sprint: AMRIT Sprint 48, AMRIT Sprint 49
- Platform
- UAT
An Unauthenticated File Access vulnerability was discovered at https://uatamrit.piramalswasthya.org/ecd/supervisor/innerpage-supervisor?data=smsTemplate. The application allows unauthenticated users to directly access or download files without any authorization check, which can expose sensitive information or system files.
| Vulnerability Name | Vulnerable Point, Port or Parameter | CVE/CWE | CVSS Score | Overall Risk (Severity) | Mapping with OWASP Testing Checklist | Observation / Description | Impact | Recommendation | Reference | Steps to reproduce |
| --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- |
| Unauthenticated File Access | https://uatamrit.piramalswasthya.org/ecd/supervisor/innerpage-supervisor?data=smsTemplate | CWE-284 | 7.6 | High | OWASP Authorization Testing | The application failed to restrict access to uploaded files, allowing anyone with the file URL to view or download the content. This is a classic example of broken access control leading to unauthenticated direct access to sensitive files, exposing potentially confidential or private data to unauthorized users. | Sensitive files (documents, images, etc.) can be accessed publicly, leading to data leakage. | Implement strict access control checks on file storage and retrieval endpoints. Store files in locations inaccessible directly via public URLs or implement authentication/authorization before serving files. Consider generating signed URLs with expiration for temporary secure access. | https://owasp.org/Top10/A01_2021-Broken_Access_Control/ | Step 1: During the security assessment, it was observed that files already uploaded via the file upload functionality could be accessed directly from an unauthenticated browser session in another browser. This means the uploaded files were accessible without any authentication or authorization checks. |
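The recommendation above names two controls: an authorization check that runs before any uploaded file is served, and short-lived signed URLs for temporary access. The following is an added example written for this ticket, not AMRIT project code; it uses only the Python standard library, and the file store, user records, roles, signing key and URL base are all constructed for illustration.

```python
"""Added example (not AMRIT project code): two controls for a file-retrieval endpoint.

1. authorize_download(): an explicit check that runs before a file is served, so an
   unauthenticated request gets 401 and an unrelated user gets 403 instead of the file.
2. make_signed_url() / verify_signed_url(): temporary HMAC-signed download links whose
   signature covers both the file id and an absolute expiry time.

All names, records and the signing key below are constructed for this example.
"""
import hashlib
import hmac
import time
from dataclasses import dataclass
from typing import Optional
from urllib.parse import parse_qs, urlencode, urlsplit

# Constructed sample metadata; files live in private storage, not under a public URL
FILE_STORE = {
    "f-1001": {"owner": "user-7", "path": "/srv/private-uploads/f-1001.pdf"},
    "f-1002": {"owner": "user-9", "path": "/srv/private-uploads/f-1002.png"},
}
# Constructed: roles allowed to read any uploaded file
PRIVILEGED_ROLES = {"supervisor"}
# Constructed server-side secret; a real deployment loads it from a secret store
SIGNING_KEY = b"example-signing-key-rotate-me"


@dataclass
class Session:
    user_id: Optional[str]  # None models an unauthenticated request
    roles: frozenset


def authorize_download(session: Optional[Session], file_id: str) -> int:
    """Return the HTTP status the endpoint should answer with. 200 only when the
    caller is authenticated AND either owns the file or holds a privileged role."""
    if session is None or session.user_id is None:
        return 401  # no authenticated session: never serve, and do not reveal existence
    record = FILE_STORE.get(file_id)
    if record is None:
        return 404
    if record["owner"] == session.user_id or session.roles & PRIVILEGED_ROLES:
        return 200
    return 403  # authenticated but not authorized for this particular file


def make_signed_url(base: str, file_id: str, ttl_seconds: int, now: Optional[int] = None) -> str:
    """Build a temporary download URL; the HMAC binds file_id to the absolute expiry."""
    expires = (now if now is not None else int(time.time())) + ttl_seconds
    msg = f"{file_id}:{expires}".encode()
    sig = hmac.new(SIGNING_KEY, msg, hashlib.sha256).hexdigest()
    return f"{base}?{urlencode({'file': file_id, 'expires': expires, 'sig': sig})}"


def verify_signed_url(url: str, now: Optional[int] = None) -> Optional[str]:
    """Return the file id if the URL is correctly signed and unexpired, else None."""
    q = parse_qs(urlsplit(url).query)
    try:
        file_id = q["file"][0]
        expires = int(q["expires"][0])
        sig = q["sig"][0]
    except (KeyError, IndexError, ValueError):
        return None  # missing or malformed parameters
    current = now if now is not None else int(time.time())
    if current >= expires:
        return None  # link has expired
    msg = f"{file_id}:{expires}".encode()
    expected = hmac.new(SIGNING_KEY, msg, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, sig):  # constant-time compare; rejects tampering
        return None
    return file_id


if __name__ == "__main__":
    owner = Session("user-7", frozenset())
    other = Session("user-9", frozenset())
    supervisor = Session("user-3", frozenset({"supervisor"}))
    print(authorize_download(None, "f-1001"))        # 401
    print(authorize_download(owner, "f-1001"))       # 200
    print(authorize_download(other, "f-1001"))       # 403
    print(authorize_download(supervisor, "f-1001"))  # 200
    url = make_signed_url("https://example.invalid/files", "f-1001", 300, now=1_700_000_000)
    print(verify_signed_url(url, now=1_700_000_100))  # f-1001
    print(verify_signed_url(url, now=1_700_000_400))  # None, expired
```

The endpoint should call `authorize_download` on every request for a stored file and only then read from the private path; a signed URL is an alternative for the temporary-access case, and because the signature covers the expiry, changing either the file id or the timestamp in the link invalidates it.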