Executive Summary

This vulnerability exists in Valtimo, an open-source business process automation platform, in versions 13.0.0 through 13.21.0. The InboxHandlingService logs the full content of every incoming inbox message at the INFO log level. These inbox messages can contain highly sensitive information such as personal data (PII), citizen identifiers (BSN), and case details.

Because the full message content is logged at INFO level, this sensitive data is exposed to anyone who has access to the application logs or any Valtimo user with the admin role via the Admin UI logging module.

This issue was fixed in version 13.22.0. Until an upgrade is possible, developers can mitigate the risk by restricting access to application logs and setting the log level for com.ritense.inbox to WARN or higher.

Useful 0 Not Useful 0

Impact Analysis

This vulnerability can lead to unauthorized exposure of sensitive and personal information contained in inbox messages, such as personally identifiable information (PII), citizen identifiers (BSN), and case details.

Anyone with access to the application logs or users with admin privileges in Valtimo can view this sensitive data, potentially leading to privacy breaches, data leaks, and misuse of confidential information.

Useful 0 Not Useful 0

Detection Guidance

This vulnerability can be detected by checking if the Valtimo InboxHandlingService is logging the full content of incoming inbox messages at the INFO log level. Specifically, you should verify the logging configuration for the component com.ritense.inbox to see if it is set to INFO or lower.

You can inspect the application logs for sensitive data exposure by searching for personal data or case details in the logs.

Suggested commands to detect this issue include:

• Check the logging configuration file for the log level of com.ritense.inbox (e.g., using grep or similar tools): grep 'com.ritense.inbox' path/to/logging/configuration
• Search application logs for sensitive data patterns (e.g., PII, BSN, case details) using commands like: grep -iE 'personal data|BSN|case details' path/to/application/logs

Useful 0 Not Useful 0

Mitigation Strategies

Immediate mitigation steps include restricting access to the application logs to prevent unauthorized users from viewing sensitive information.

Additionally, adjust the log level for com.ritense.inbox to WARN or higher in the application configuration to avoid logging sensitive inbox message content.

Ultimately, upgrading to Valtimo version 13.22.0 or later will fix the issue.

Useful 0 Not Useful 0

Compliance Impact

This vulnerability causes the InboxHandlingService in Valtimo versions 13.0.0 through 13.21.0 to log the full content of every incoming inbox message at INFO level. Since inbox messages can contain highly sensitive information such as personal data (PII), citizen identifiers (BSN), and case details, this logging behavior exposes sensitive data to anyone with access to application logs or admin users through the Admin UI.

Such exposure of sensitive personal data in logs can lead to non-compliance with data protection regulations like GDPR and HIPAA, which require strict controls on the handling, storage, and access to personal and sensitive information to protect privacy and confidentiality.

Therefore, this vulnerability increases the risk of unauthorized data disclosure and may result in violations of these common standards and regulations unless mitigated by upgrading to version 13.22.0 or applying recommended workarounds such as restricting log access and adjusting log levels.

Useful 0 Not Useful 0