Findings released by Machine without evidence
Incident Report for Fluid Attacks
Postmortem

Impact

At least two groups obtained reports of vulnerabilities without associated evidence (resolved at 23-09-11 14:43). The incident was detected proactively (at UTC-5 23-09-19 10:01) by one of our engagement managers, who reported through our help desk [1] that he had observed seven vulnerabilities from two different groups that had no associated evidence.

Cause

After twenty-three days of observation, during which there were no more cases of vulnerabilities without evidence, we have not found an exact cause. However, it is considered to have been caused by connection errors while the evidence was being uploaded, since no retry action was programmed to run when an upload failed.

Solution

To mitigate the problem in case of a connection error, a retry configuration was added [2], which runs the evidence upload in up to three automatic attempts when an error occurs. Additionally, loggers were added to increase traceability in case any error occurs [3].
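
An added example, not Fluid Attacks' own code: one way to bound an evidence upload to three attempts and log every failure, so that a dropped connection is retried and leaves a trace. The `upload` callable, the logger name, the exponential backoff and the flaky test double are assumptions made for illustration.

```python
import logging
import time

LOGGER = logging.getLogger("evidence_upload")  # hypothetical logger name
MAX_ATTEMPTS = 3  # the report states up to three automatic attempts


class EvidenceUploadError(Exception):
    """Raised when every attempt to upload the evidence failed."""


def upload_with_retry(upload, finding_id, evidence, base_delay=0.5, sleep=time.sleep):
    """Call upload(finding_id, evidence), retrying on connection errors.

    `upload` is a hypothetical callable standing in for the real client.
    Returns the number of attempts used; raises EvidenceUploadError after
    MAX_ATTEMPTS failures so a failed upload is never mistaken for success.
    """
    for attempt in range(1, MAX_ATTEMPTS + 1):
        try:
            upload(finding_id, evidence)
        except (ConnectionError, TimeoutError) as exc:
            LOGGER.warning(
                "evidence upload failed finding=%s attempt=%d/%d error=%r",
                finding_id, attempt, MAX_ATTEMPTS, exc,
            )
            if attempt == MAX_ATTEMPTS:
                LOGGER.error("evidence upload abandoned finding=%s", finding_id)
                raise EvidenceUploadError(finding_id) from exc
            sleep(base_delay * 2 ** (attempt - 1))  # backoff is an assumption
        else:
            LOGGER.info("evidence uploaded finding=%s attempt=%d", finding_id, attempt)
            return attempt


def make_flaky_upload(failures):
    """Constructed test double: fails `failures` times, then succeeds."""
    state = {"calls": 0, "stored": {}}

    def upload(finding_id, evidence):
        state["calls"] += 1
        if state["calls"] <= failures:
            raise ConnectionError("connection reset (constructed)")
        state["stored"][finding_id] = evidence

    return upload, state
```

Raising after the last attempt lets the caller hold back a finding whose evidence never arrived instead of releasing it silently.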

Conclusion

It was not possible to identify a well-defined cause due to the lack of loggers that would allow greater traceability; therefore, as a preventive action, loggers were added that will serve as support if the event is repeated. LACK_OF_TRACEABILITY

Posted Sep 21, 2023 - 22:44 GMT-05:00

Resolved
The problem was resolved and the evidence is being uploaded normally.
Posted Sep 21, 2023 - 10:03 GMT-05:00
Identified
Released findings have been found without associated evidence.
Posted Aug 25, 2023 - 14:42 GMT-05:00
This incident affected: Web.