[Question] Tags and custom fields can be seen across organisations / potential for data leakage #1778
Comments
What type of data is included as tags in your cases? Custom fields definitions are in fact common to all organisations, but not their values.
Our concern is that other organisations can create their own tags, which leaves a potential for data being leaked, especially since tags autocomplete. For example, if organisation A puts an email address as a tag and organisation B starts typing in something with the same 3 starting letters, they would be able to see that entire tag as an autocomplete option.
@nadouani any plans to populate these on a per organisation basis?
In TheHive 4.1, free tags are related to an organisation. With that being said, we recommend not using any sensitive data as a tag. Use custom fields instead.
Autocomplete will behave differently in 4.1, and will suggest tags from your own organisation only.
@nadouani any idea when 4.1.0 will be released? Between this and the slowness/performance issues, wondering what kind of time frame we're looking at.
4.1 is almost there, it has been paused to fix the ES 7.11 breaking changes on TheHive 3 and Cortex.
Tag autocomplete is now just returning the freetags defined within the current organisation.
Thank you!! @nadouani any ETA on 4.1 release?
Request Type
Bug / Feature Request
Work Environment
Problem Description
Users in other organisations can see custom fields and tags that have been used across organisations other than their own.
This causes the potential for data leakage between organisations. We may not be able to use the multi-tenancy features/add users until this is no longer an issue.
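
The leak described in this thread and the per-organisation scoping announced for 4.1, as an added example that is not TheHive's code: a toy Python tag index comparing a shared autocomplete pool with an organisation-scoped one. The class, method and organisation names and the sample tags are constructed for illustration.

```python
from collections import defaultdict

MIN_PREFIX = 3  # the thread describes suggestions appearing after 3 typed letters


class TagIndex:
    """Toy in-memory tag index; hypothetical, not TheHive's data model."""

    def __init__(self):
        self._by_org = defaultdict(set)  # organisation name -> free tags it created

    def add(self, org, tag):
        self._by_org[org].add(tag)

    def suggest_shared(self, prefix):
        """Behaviour reported in the issue: one tag pool for every organisation."""
        if len(prefix) < MIN_PREFIX:
            return []
        p = prefix.casefold()
        pool = set().union(*self._by_org.values())
        return sorted(t for t in pool if t.casefold().startswith(p))

    def suggest_scoped(self, org, prefix):
        """Behaviour described for 4.1: only the caller's own organisation's tags."""
        if len(prefix) < MIN_PREFIX:
            return []
        p = prefix.casefold()
        own = self._by_org.get(org, ())
        return sorted(t for t in own if t.casefold().startswith(p))

    def leaked_to(self, org, prefix):
        """Tags the shared lookup reveals to `org` that `org` never created."""
        own = self._by_org.get(org, set())
        return [t for t in self.suggest_shared(prefix) if t not in own]


def build_sample():
    """Constructed sample data: two tenants, one of which tagged an email address."""
    idx = TagIndex()
    idx.add("org-a", "alice@example.test")
    idx.add("org-a", "phishing")
    idx.add("org-b", "alienvault")
    idx.add("org-b", "phishing")
    return idx
```

A check like `leaked_to` can serve as a regression test for multi-tenant deployments: it should return an empty list for every organisation once suggestions are scoped.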