Hi,
I'm not a security expert, though, I've worked on several EP projects in AX 2009 and AX 2012 (R2 - R3) for large companies. I've followed security company audits that test for possible vulnerabilities of AX components, with Enterprise Portal being one of them.
This type of vulnerability has never been cited in a security clearance report. So, first of all, thank you very much for sharing this question with us.
As you may already know, Enterprise Portal is based on the SharePoint platform. From what I've been able to search, SharePoint has some functionality to avoid CSRF vulnerabilities.
Check this link and this link.
I share with you a security change that can influence this vulnerability scenario.
Set Disabled in Form Authentication option in Enterprise Portal web site in IIS, Authentication section. Also review advanced settings.
Figure 1
There may be some security conflict, depending on your settings, in which case, you can disable / off (compare your environment with the figure 1 [all groups]) test in a non-production environment, with backup.
However, if you use anonymous access to the EP, these changes can influence in authentication.
Some other questions:
What is the version of AX/EP [R2, R3, CU9,10,11...] you are analyzing?
What is the SharePoint version?
Does the EP site have anonymous access?
Does the EP site have users outside the domain?
I have not yet had time to set up a scenario to try to replicate that vulnerability. Would it be possible for you to share, step by step, how your test was done, to find this vulnerability?
I hope this Helps!
Regards,
Rodolfo Recalde
Share
Report
All responses (
Answers (
39
