RTIR: RT for Incident Response
RTIR 4.0.3 Release Notes
RTIR 4.0.3 - 2022-07-13
RTIR 4.0.3 is now available, primarily providing bug fixes. The list of
changes included with this release is below. In addition to the
bug fixes listed below, this release contains security fixes.
When upgrading RTIR, you should also upgrade RT to version 4.4.6 for
compatibility with this release and to get security updates in RT.
The following security issues are fixed in this release. Thanks to the
Polish Financial Supervision Authority IT Security Department (UKNF)
for reporting these issues.
* RTIR's Whois lookup tool is vulnerable to server-side request forgery (SSRF).
It accepts queries in a way that could allow sending requests from the RTIR
server to a resource other than the intended whois server. Because the request
comes from the RTIR server, this could allow access to otherwise protected
resources. This vulnerability is assigned CVE-2022-25800.
* RTIR's Scripted Action tools is vulnerable to server-side request forgery
(SSRF) similar to the one described above. This vulnerability is assigned
General Updates and Fixes
* Fix squelching functionality on update page
* Remove unavailable TrustedSource.org from $RTIRIframeResearchToolConfig
A complete changelog is available from git by running:
git log 4.0.2..4.0.3