Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bug may lead to deletion of all entities in OpenCTI #8837

Closed
ups1decyber opened this issue Oct 30, 2024 · 2 comments · Fixed by #8845
Closed

Bug may lead to deletion of all entities in OpenCTI #8837

ups1decyber opened this issue Oct 30, 2024 · 2 comments · Fixed by #8845
Assignees
@SouadHadjiat
Labels
bug use for describing something not working as expected critical use to identify critical bug to fix ASAP regression Label to identify the bug as a regression of previously working feature solved use to identify issue that has been solved (must be linked to the solving PR)
Milestone
Release 6.3.9

Comments

@ups1decyber
Copy link

Description

Hi all,

a bug in the search result list may lead to deletion of all entities. This caused quite some trouble when we noticed this, but I was able to reproduce the issue in a test instance.

Environment

  1. OS (where OpenCTI server runs): For reproducing the issue, the example docker-compose setup can be used
  2. OpenCTI version: 6.3.1 (where we first noticed the bug) / 6.3.7 (where we could also reproduce the bug)
  3. OpenCTI client: frontend
  4. Other environment details:

Reproducible Steps

  1. Set up a fresh OpenCTI instance, e.g. by using the example docker setup.
  2. Add some reports, observables and so on. Doesn't really matter what you add.
  3. For one report, add an opinion (I used neutral to reproduce the issue, but it doesn't really matter)
  4. In the platform search bar, search for neutral. You should now see exactly one result.
  5. Select the checkbox above the single result (the checkbox that is used to select all items of a list)

image

  1. The action bar should show "1 selected". Click "Delete" and confirm.
  2. Watch how a background tasks deletes all entities.

Expected Output

I would expect that OpenCTI deletes only entities that match the given search term. However, it seems that when using the "Select all" checkbox, all items that match a given filter are deleted. Since I did not specify any filters, a background task that deletes all items was queued and executed.

Actual Output

A background task deleted all items instead only those that match my search terms.

Additional information

Screenshots (optional)
@ups1decyber ups1decyber added bug use for describing something not working as expected needs triage use to identify issue needing triage from Filigran Product team labels Oct 30, 2024
@nino-filigran nino-filigran added critical use to identify critical bug to fix ASAP and removed needs triage use to identify issue needing triage from Filigran Product team labels Oct 31, 2024
@nino-filigran
Copy link

Even easier use case:

  • go on platform (like testing)
  • search trhough global search
  • select an amount of item to delete trhough the select all
  • clcik on delete and notice the amount that should be deleted
  • go in task
  • the amount is not the same.

@nino-filigran nino-filigran added the regression Label to identify the bug as a regression of previously working feature label Oct 31, 2024
@SouadHadjiat SouadHadjiat self-assigned this Oct 31, 2024
@nino-filigran nino-filigran added this to the Bugs backlog milestone Oct 31, 2024
SouadHadjiat added a commit that referenced this issue Oct 31, 2024
@SouadHadjiat
[frontend] Fix global search toolbar (#8837)
914a4e4
@SouadHadjiat SouadHadjiat mentioned this issue Oct 31, 2024
Merged
5 tasks
@SouadHadjiat SouadHadjiat linked a pull request Oct 31, 2024 that will close this issue
[frontend] Fix global search toolbar (#8837) #8845
Merged
5 tasks
labo-flg pushed a commit that referenced this issue Oct 31, 2024
@SouadHadjiat
[frontend] Fix global search toolbar (#8837)
0eea615
@labo-flg
Copy link
Member

Bug limited to global search, fixed with #8845

@labo-flg labo-flg added the solved use to identify issue that has been solved (must be linked to the solving PR) label Oct 31, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@SouadHadjiat SouadHadjiat

Labels
bug use for describing something not working as expected critical use to identify critical bug to fix ASAP regression Label to identify the bug as a regression of previously working feature solved use to identify issue that has been solved (must be linked to the solving PR)
Projects
None yet
Milestone
Release 6.3.9
Development

Successfully merging a pull request may close this issue.

[frontend] Fix global search toolbar (#8837) OpenCTI-Platform/opencti
5 participants
@SouadHadjiat @SamuelHassine @labo-flg @nino-filigran @ups1decyber