Details
-
Bug
-
Resolution: Won't Fix
-
Low
-
None
-
None
-
None
-
Severity 3 - Minor
Description
Problem Definition
While we have the Security of Hipchat explaining about security in HipChat, users must not rely on endpoint protection on the clients.
Suggested Solution
- The Antivirus could be either locally (installed into the VM) or external / remote (For example, virustotal.com)
- The idea would be to check any files before fully accepting it
Why this is important
In a proof of concept, users were able to transport a virus into internal network by using the on-premise hipchat. Other services are fully protected and this will most likely end with the admin having to shut down Hipchat completely.
Attachments
Issue Links
- mentioned in
-
Page Loading...