
AssetView Security Bypass

Question asked by souzman on Jul 23, 2018
Latest reply on Oct 16, 2018 by Chris Jones

Within the Vulnerability Management module, you create a Business Unit and assign a BU Manager, and an Asset Group with a defined set of IPs for that business division.

The purpose being that you restrict the scope of assets which that Business Unit can act on.

To bypass this, open the AssetView module as the BU Manager and create a new tag (e.g. Operating System Regex = "Windows").

Now the entire subscription's Windows hosts will be tagged and you can see the vulnerabilities for every Windows host in the subscription.

If the other business divisions were scanning with Authenticated scanning - you have very detailed vulnerability information for hosts which you should never have had access to in the first place.

I would have expected that the BU Manager can create new tags, but only for the assets within the scope of his Business Unit.

Please can anyone advise on this?
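
A small model of the scoping gap described in the question, as an added example that is not part of the original post and is not Qualys code: it evaluates an Operating System regex tag subscription-wide and scoped to a Business Unit, then lists the hosts the tag matches outside that unit's Asset Group. The inventory, IP ranges and function names are constructed for illustration.

```python
import ipaddress
import re

# Constructed inventory: (hostname, IP, detected operating system).
ASSETS = [
    ("fin-ws01", "10.10.1.15", "Windows 10 Enterprise"),
    ("fin-db01", "10.10.1.20", "Red Hat Enterprise Linux 7"),
    ("hr-ws07", "10.20.4.31", "Windows Server 2016"),
    ("eng-bld2", "10.30.9.8", "Windows Server 2012 R2"),
]

# Constructed Business Unit scopes: the IP ranges of each BU's Asset Group.
BU_SCOPE = {
    "finance": ["10.10.1.0/24"],
    "hr": ["10.20.4.0/24"],
}


def in_scope(ip, bu):
    """True if ip falls inside one of the BU's Asset Group ranges."""
    addr = ipaddress.ip_address(ip)
    return any(addr in ipaddress.ip_network(net) for net in BU_SCOPE[bu])


def tag_subscription_wide(os_regex):
    """Behaviour reported in the post: the rule matches every asset."""
    rule = re.compile(os_regex)
    return [a for a in ASSETS if rule.search(a[2])]


def tag_scoped(os_regex, bu):
    """Behaviour the poster expected: the rule only sees the BU's own assets."""
    return [a for a in tag_subscription_wide(os_regex) if in_scope(a[1], bu)]


def out_of_scope_exposure(os_regex, bu):
    """Audit check: hosts a BU manager's tag matches outside the BU's scope."""
    scoped = set(tag_scoped(os_regex, bu))
    return sorted(a[0] for a in tag_subscription_wide(os_regex) if a not in scoped)


if __name__ == "__main__":
    print("subscription-wide:", [a[0] for a in tag_subscription_wide("Windows")])
    print("scoped to finance:", [a[0] for a in tag_scoped("Windows", "finance")])
    print("exposed to finance:", out_of_scope_exposure("Windows", "finance"))
```

A non-empty result from `out_of_scope_exposure` for a tag created by a BU manager is the condition worth alerting on when reviewing tag rules against Asset Group definitions.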
