Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bug/Vas-11472: fix mgt contract creation script #1394

Merged
merged 1 commit into from
Jun 26, 2023
Merged

Bug/Vas-11472: fix mgt contract creation script #1394

merged 1 commit into from
Jun 26, 2023

Conversation

bbenaissa
Copy link
Collaborator

@bbenaissa bbenaissa commented Jun 26, 2023
edited
Loading

Description

During upgrade, the management contract profile is not properly created for admins

Type de changement:

  • Ansiblerie
  • Correction

Contributeur

  • VAS (Vitam Accessible en Service)

@bbenaissa bbenaissa self-assigned this Jun 26, 2023
@bbenaissa bbenaissa added bug Something isn't working small pr embarquant peu de changements et à review rapide, ne nécessitant qu'un reviewer VAS VAS contribution labels Jun 26, 2023
@bbenaissa bbenaissa added this to the IT 121 milestone Jun 26, 2023
@bbenaissa bbenaissa marked this pull request as ready for review June 26, 2023 05:28
@TDevillechabrolle
Copy link
Contributor

Logo
Checkmarx One – Scan Summary & Details1fa3b807-abb3-49f7-8dd8-062521022eb4

New Issues

Severity Issue Source File / Package Checkmarx Insight
MEDIUM CVE-2023-2976 Maven-com.google.guava:guava-29.0-jre Vulnerable Package
LOW Log_Forging /ui/ui-archive-search/src/main/java/fr/gouv/vitamui/archives/search/rest/ArchivesSearchController.java: 226 Attack Vector
LOW Log_Forging /ui/ui-archive-search/src/main/java/fr/gouv/vitamui/archives/search/rest/ArchivesSearchController.java: 275 Attack Vector
LOW Log_Forging /ui/ui-archive-search/src/main/java/fr/gouv/vitamui/archives/search/rest/ArchivesSearchController.java: 309 Attack Vector
LOW Log_Forging /ui/ui-archive-search/src/main/java/fr/gouv/vitamui/archives/search/rest/ArchivesSearchController.java: 237 Attack Vector
LOW Log_Forging /ui/ui-archive-search/src/main/java/fr/gouv/vitamui/archives/search/rest/ArchivesSearchController.java: 320 Attack Vector
LOW Log_Forging /ui/ui-archive-search/src/main/java/fr/gouv/vitamui/archives/search/rest/ArchivesSearchController.java: 226 Attack Vector
LOW Log_Forging /ui/ui-archive-search/src/main/java/fr/gouv/vitamui/archives/search/rest/ArchivesSearchController.java: 275 Attack Vector
LOW Log_Forging /ui/ui-archive-search/src/main/java/fr/gouv/vitamui/archives/search/rest/ArchivesSearchController.java: 309 Attack Vector

Fixed Issues

Severity Issue Source File / Package Checkmarx Insight
HIGH Reflected_XSS_All_Clients /commons/commons-rest/src/main/java/fr/gouv/vitamui/commons/rest/client/ExternalHttpContext.java: 116 Attack Vector
HIGH Reflected_XSS_All_Clients /commons/commons-rest/src/main/java/fr/gouv/vitamui/commons/rest/client/ExternalHttpContext.java: 115 Attack Vector
MEDIUM Privacy_Violation /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/InternalSecurityService.java: 150 Attack Vector
MEDIUM Privacy_Violation /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/InternalSecurityService.java: 110 Attack Vector
MEDIUM Privacy_Violation /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/InternalSecurityService.java: 118 Attack Vector
MEDIUM Privacy_Violation /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/InternalSecurityService.java: 150 Attack Vector
MEDIUM Privacy_Violation /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/InternalSecurityService.java: 110 Attack Vector
MEDIUM Privacy_Violation /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/InternalSecurityService.java: 118 Attack Vector
MEDIUM SSRF /commons/commons-rest/src/main/java/fr/gouv/vitamui/commons/rest/client/ExternalHttpContext.java: 116 Attack Vector
MEDIUM SSRF /commons/commons-rest/src/main/java/fr/gouv/vitamui/commons/rest/client/ExternalHttpContext.java: 115 Attack Vector
MEDIUM SSRF /commons/commons-rest/src/main/java/fr/gouv/vitamui/commons/rest/client/ExternalHttpContext.java: 116 Attack Vector
MEDIUM SSRF /commons/commons-rest/src/main/java/fr/gouv/vitamui/commons/rest/client/ExternalHttpContext.java: 115 Attack Vector
MEDIUM SSRF /commons/commons-rest/src/main/java/fr/gouv/vitamui/commons/rest/client/ExternalHttpContext.java: 116 Attack Vector
MEDIUM SSRF /commons/commons-rest/src/main/java/fr/gouv/vitamui/commons/rest/client/ExternalHttpContext.java: 115 Attack Vector
MEDIUM SSRF /commons/commons-rest/src/main/java/fr/gouv/vitamui/commons/rest/client/ExternalHttpContext.java: 116 Attack Vector
MEDIUM SSRF /commons/commons-rest/src/main/java/fr/gouv/vitamui/commons/rest/client/ExternalHttpContext.java: 115 Attack Vector
MEDIUM SSRF /commons/commons-rest/src/main/java/fr/gouv/vitamui/commons/rest/client/ExternalHttpContext.java: 116 Attack Vector
MEDIUM SSRF /commons/commons-rest/src/main/java/fr/gouv/vitamui/commons/rest/client/ExternalHttpContext.java: 115 Attack Vector
MEDIUM SSRF /commons/commons-rest/src/main/java/fr/gouv/vitamui/commons/rest/client/ExternalHttpContext.java: 116 Attack Vector
MEDIUM SSRF /commons/commons-rest/src/main/java/fr/gouv/vitamui/commons/rest/client/ExternalHttpContext.java: 115 Attack Vector
MEDIUM SSRF /commons/commons-rest/src/main/java/fr/gouv/vitamui/commons/rest/client/ExternalHttpContext.java: 116 Attack Vector
MEDIUM SSRF /commons/commons-rest/src/main/java/fr/gouv/vitamui/commons/rest/client/ExternalHttpContext.java: 115 Attack Vector
MEDIUM SSRF /commons/commons-rest/src/main/java/fr/gouv/vitamui/commons/rest/client/ExternalHttpContext.java: 116 Attack Vector
MEDIUM SSRF /commons/commons-rest/src/main/java/fr/gouv/vitamui/commons/rest/client/ExternalHttpContext.java: 115 Attack Vector
MEDIUM SSRF /commons/commons-rest/src/main/java/fr/gouv/vitamui/commons/rest/client/ExternalHttpContext.java: 116 Attack Vector
MEDIUM SSRF /commons/commons-rest/src/main/java/fr/gouv/vitamui/commons/rest/client/ExternalHttpContext.java: 115 Attack Vector
MEDIUM SSRF /commons/commons-rest/src/main/java/fr/gouv/vitamui/commons/rest/client/ExternalHttpContext.java: 116 Attack Vector
MEDIUM SSRF /commons/commons-rest/src/main/java/fr/gouv/vitamui/commons/rest/client/ExternalHttpContext.java: 115 Attack Vector
MEDIUM SSRF /commons/commons-rest/src/main/java/fr/gouv/vitamui/commons/rest/client/ExternalHttpContext.java: 116 Attack Vector
MEDIUM SSRF /commons/commons-rest/src/main/java/fr/gouv/vitamui/commons/rest/client/ExternalHttpContext.java: 115 Attack Vector
MEDIUM SSRF /commons/commons-rest/src/main/java/fr/gouv/vitamui/commons/rest/client/ExternalHttpContext.java: 116 Attack Vector
MEDIUM SSRF /commons/commons-rest/src/main/java/fr/gouv/vitamui/commons/rest/client/ExternalHttpContext.java: 115 Attack Vector
MEDIUM SSRF /commons/commons-rest/src/main/java/fr/gouv/vitamui/commons/rest/client/ExternalHttpContext.java: 116 Attack Vector
MEDIUM SSRF /commons/commons-rest/src/main/java/fr/gouv/vitamui/commons/rest/client/ExternalHttpContext.java: 115 Attack Vector
MEDIUM SSRF /commons/commons-rest/src/main/java/fr/gouv/vitamui/commons/rest/client/ExternalHttpContext.java: 116 Attack Vector
MEDIUM SSRF /commons/commons-rest/src/main/java/fr/gouv/vitamui/commons/rest/client/ExternalHttpContext.java: 115 Attack Vector
MEDIUM SSRF /commons/commons-rest/src/main/java/fr/gouv/vitamui/commons/rest/client/ExternalHttpContext.java: 116 Attack Vector
MEDIUM SSRF /commons/commons-rest/src/main/java/fr/gouv/vitamui/commons/rest/client/ExternalHttpContext.java: 115 Attack Vector
MEDIUM SSRF /commons/commons-rest/src/main/java/fr/gouv/vitamui/commons/rest/client/ExternalHttpContext.java: 116 Attack Vector
MEDIUM SSRF /commons/commons-rest/src/main/java/fr/gouv/vitamui/commons/rest/client/ExternalHttpContext.java: 115 Attack Vector
MEDIUM SSRF /commons/commons-rest/src/main/java/fr/gouv/vitamui/commons/rest/client/ExternalHttpContext.java: 116 Attack Vector
MEDIUM SSRF /commons/commons-rest/src/main/java/fr/gouv/vitamui/commons/rest/client/ExternalHttpContext.java: 115 Attack Vector
LOW Log_Forging /commons/commons-rest/src/main/java/fr/gouv/vitamui/commons/rest/client/ExternalHttpContext.java: 114 Attack Vector
LOW Log_Forging /commons/commons-rest/src/main/java/fr/gouv/vitamui/commons/rest/client/ExternalHttpContext.java: 116 Attack Vector
LOW Log_Forging /commons/commons-rest/src/main/java/fr/gouv/vitamui/commons/rest/client/ExternalHttpContext.java: 127 Attack Vector
LOW Log_Forging /commons/commons-rest/src/main/java/fr/gouv/vitamui/commons/rest/client/ExternalHttpContext.java: 115 Attack Vector
LOW Log_Forging /api/api-collect/collect-internal/src/main/java/fr/gouv/vitamui/collect/internal/server/rest/TransactionArchiveUnitInternalController.java: 162 Attack Vector

@TDevillechabrolle TDevillechabrolle merged commit 118843c into develop Jun 26, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@laedanrex laedanrex laedanrex approved these changes

@achoubiemohamed achoubiemohamed achoubiemohamed approved these changes

@mhameg mhameg mhameg approved these changes

Assignees

@bbenaissa bbenaissa

Labels
bug Something isn't working small pr embarquant peu de changements et à review rapide, ne nécessitant qu'un reviewer VAS VAS contribution
Projects
None yet
Milestone
IT 121
Development

Successfully merging this pull request may close these issues.
5 participants
@bbenaissa @TDevillechabrolle @laedanrex @achoubiemohamed @mhameg