Insecure HTTP Communication in PROMOD V via Digipede Server

Impact Analysis

Using insecure HTTP communication can expose data transmitted between PROMOD V and the Digipede server to interception or tampering by attackers.

This can lead to potential data breaches, loss of confidentiality, and integrity of the information exchanged.

Useful 0 Not Useful 0

Executive Summary

This vulnerability involves PROMOD V using insecure HTTP communication instead of the secure HTTPS protocol.

The root cause is that the 3rd party Digipede server does not support HTTPS, which forces PROMOD V to communicate over HTTP.

Useful 0 Not Useful 0

Detection Guidance

This vulnerability involves PROMOD V using insecure HTTP communication instead of HTTPS due to lack of HTTPS support from a 3rd party Digipede server.

To detect this vulnerability on your network or system, you can monitor network traffic for HTTP connections to the Digipede server instead of HTTPS.

• Use network traffic analysis tools like Wireshark or tcpdump to capture traffic and filter for HTTP (port 80) connections to the Digipede server.
• Example tcpdump command: tcpdump -i <interface> host <Digipede_server_IP> and port 80
• Check application logs or configuration to verify if HTTPS is being used or if only HTTP communication is established.

Useful 0 Not Useful 0

Mitigation Strategies

Since the vulnerability is caused by the lack of HTTPS support from the 3rd party Digipede server, immediate mitigation steps include:

• Avoid transmitting sensitive data over the insecure HTTP connection.
• Restrict network access to the Digipede server to trusted hosts only.
• Contact the vendor or 3rd party provider to request HTTPS support or a secure communication method.
• Implement network-level encryption such as VPN tunnels to protect data in transit if HTTPS cannot be immediately enabled.

Useful 0 Not Useful 0