[% META title = "Security Remediation Master Plan" description = "Comprehensive security vulnerability audit and remediation plan for Comserv application. Covers CRITICAL, HIGH, and MEDIUM severity issues identified in security audit (Jan 2026). Includes 13 vulnerabilities, priority sequencing, implementation timeline, and integration with master plan." roles = "admin,security,developer,devops" TemplateType = "Documentation" category = "security,infrastructure,compliance" page_version = "1.01" last_updated = "Sun Jan 05 2026 21:50:00 UTC" %] [% PageVersion = 'root/Documentation/SECURITY_REMEDIATION_PLAN.tt,v 1.01 2026/01/05 21:50:00 zencoder Exp - G.1 SQL Injection Fixes COMPLETED (8 vulns fixed)' %] [% IF c.session.debug_mode == 1 %] [% PageVersion %] [% END %]

Security Remediation Master Plan

Created: 2026-01-05 | Version: 1.00 | Status: 🟡 In Progress - G.1 COMPLETED - 13 Vulnerabilities Identified, 5 Immediate Actions, Integration with Master Plan | Last Updated: 2026-01-05 21:50:00 UTC

🔴 SECURITY AUDIT SUMMARY (Jan 5, 2026)

Executive Summary: Top 10 Security Priorities

🚨 Comserv Top 10 Master Plan Priorities (Including Security)

Updated Master Plan Top 10 (Jan 5, 2026): Integrating security into overall master plan priorities

Rank | Initiative | Category | Severity | Timeline | Impact
1 | G.1: SQL Injection Fixes | Security | 🔴 CRITICAL (CVSS 9.8) | Week 1 (Jan 6-7) | Database compromise, data theft, system takeover
2 | G.2: Command Injection Prevention | Security | 🔴 CRITICAL (CVSS 9.8) | Week 1 (Jan 6-7) | Remote code execution, system compromise
3 | G.3: Weak Password Hashing → Argon2 | Security | 🔴 CRITICAL (CVSS 8.1) | Week 1-2 (Jan 6-12) | Credential compromise via brute force/rainbow tables
4 | A.2: K8s Readiness Phase | Infrastructure | 🔴 CRITICAL | Week 1-2 (Jan 6-12) | Deployment readiness, system stability
5 | A.1: K8s Migration | Infrastructure | 🔴 CRITICAL | Week 2-4 (Jan 13-26) | Production environment modernization
6 | G.4: Session & CSRF Security | Security | 🟠 HIGH (CVSS 7.5) | Week 1-2 (Jan 6-12) | Session hijacking, account takeover, data manipulation
7 | E.1: AI Chat System | Infrastructure | 🟠 HIGH | Week 2-4 (Jan 13-26) | Development productivity, documentation access
8 | G.5: Encryption & Key Management | Security | 🟠 HIGH (CVSS 7.5) | Week 2-3 (Jan 13-19) | Encrypted credential compromise
9 | B.1/B.2: Bug Fixes (Docker Secrets, Auth) | Bugs | 🟠 HIGH | Week 1-2 (Jan 6-12) | System stability, authentication reliability
10 | G.6: Input Validation & Security Headers | Security | 🟡 MEDIUM (CVSS 5.3) | Week 2-3 (Jan 13-19) | Defense-in-depth hardening, OWASP compliance

🔴 IMMEDIATE ACTIONS (Week 1: Jan 6-12, 2026)

Priority Sequence for Week 1

Must complete in order: SQL Injection → Command Injection → Password Hashing → Session/CSRF

Parallel Track: G.5 Encryption can proceed alongside password hashing if resources are available

Action 1: SQL Injection Fixes (G.1) - Mon-Tue Jan 6-7

Files to Fix:

  • Admin.pm:330 - database name interpolation in size_query
  • Admin.pm:348 - table name interpolation in count_query
  • Search for all other interpolated SQL queries in codebase

Implementation: Use parameterized queries with placeholders (?)

Testing: Run sql_injection_test.pl before commit

Effort: 3-4 hours
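Safe forms of the two Admin.pm queries, as an added example rather than Comserv's own code. One caveat a `?` placeholder does not cover: the size query binds a schema name, which is a value, but the count query needs a table name, which is an identifier and cannot be bound, so it is allow-listed and quoted instead. Assumes MySQL/MariaDB, a DBI handle opened with RaiseError, and hypothetical sub names.

```perl
#!/usr/bin/perl
# Added example, not Comserv's own code: safe forms of the two Admin.pm queries.
# Assumes MySQL/MariaDB and a DBI handle created with RaiseError => 1;
# the sub names are hypothetical.
use strict;
use warnings;
use DBI;

# Database size: the schema name is a VALUE, so a ? placeholder binds it safely.
sub database_size_bytes {
    my ($dbh, $db_name) = @_;
    my $size_query = q{
        SELECT COALESCE(SUM(data_length + index_length), 0)
          FROM information_schema.TABLES
         WHERE table_schema = ?
    };
    my ($bytes) = $dbh->selectrow_array($size_query, undef, $db_name);
    return $bytes;
}

# Row count: a table name is an IDENTIFIER; placeholders cannot bind it, so
# allow-list it against what the server reports and quote it as an identifier.
sub table_row_count {
    my ($dbh, $table) = @_;
    my %known = map { $_->[0] => 1 } @{ $dbh->selectall_arrayref('SHOW TABLES') };
    die "Refusing to count unknown table '$table'\n" unless $known{$table};
    my $count_query = 'SELECT COUNT(*) FROM ' . $dbh->quote_identifier($table);
    my ($count) = $dbh->selectrow_array($count_query);
    return $count;
}

# Usage (DSN and credentials are placeholders):
# my $dbh = DBI->connect('DBI:mysql:database=comserv', $user, $pass, { RaiseError => 1 });
# printf "%d bytes, %d users\n", database_size_bytes($dbh, 'comserv'), table_row_count($dbh, 'users');
1;
```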

Action 2: Command Injection Prevention (G.2) - Tue-Wed Jan 7-8

Files to Fix:

  • Admin.pm get_system_stats() function - replace backticks with IPC::Run or Perl equivalents
  • Search for all backtick usage in codebase

Implementation: Replace unsafe shell invocation with Perl modules

Testing: Verify system stats still display correctly

Effort: 4-5 hours
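The shape get_system_stats() takes once backticks are gone, as an added example that is not Comserv's own code. Every command is an argv list handed to IPC::Run, so no /bin/sh is involved; a core-Perl list-form pipe open is shown as the fallback. Assumes IPC::Run from CPAN; the repository path and sub names are placeholders.

```perl
#!/usr/bin/perl
# Added example, not Comserv's own code: get_system_stats() without a shell.
# Assumes IPC::Run from CPAN; the repo path and sub names are placeholders.
use strict;
use warnings;
use IPC::Run qw(run timeout);

# Run an argv LIST directly: no /bin/sh is involved, so metacharacters in any
# argument are just bytes. Captures stdout/stderr and bounds the runtime.
sub run_argv {
    my (@argv) = @_;
    my ($out, $err) = ('', '');
    my $ok = run(\@argv, \undef, \$out, \$err, timeout(10));
    die "Command '@argv' failed: $err" unless $ok;
    return $out;
}

sub get_system_stats {
    my %stats;
    $stats{disk}   = run_argv('df', '-h', '/');
    $stats{uptime} = run_argv('uptime');
    # The repo path is a fixed config value. If it ever came from a request it
    # would still need validating: list form stops shell injection, not bad paths.
    my $repo = '/var/www/comserv';   # placeholder
    $stats{git_head} = run_argv('git', '-C', $repo, 'rev-parse', '--short', 'HEAD');
    chomp $stats{$_} for keys %stats;
    return \%stats;
}

# Core-Perl alternative when IPC::Run is unavailable: a list-form pipe open
# with more than one element also never consults the shell.
sub disk_usage_core_perl {
    open(my $fh, '-|', 'df', '-h', '/') or die "df: $!";
    my $out = do { local $/; <$fh> };
    close $fh or die "df exited with status " . ($? >> 8) . "\n";
    return $out;
}

1;
```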

Action 3: Weak Password Hashing Migration (G.3) - Wed-Thu Jan 8-9

Files to Modify:

  • Controller/User.pm - hash_password() and password verification
  • Model/User.pm - check_password() method
  • Database schema - extend password field to 255 chars (Argon2 hashes are ~97 chars)

Implementation: Migrate from SHA-256 to Argon2 with backward compatibility

Testing: Create migration script to rehash existing passwords on next login

Effort: 6-8 hours (includes migration strategy)
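The backward-compatible migration in code, as an added example that is not Comserv's own implementation: new passwords get Argon2id, and a legacy unsalted SHA-256 hash is verified one last time and rehashed on that successful login. Assumes Crypt::Argon2 and Crypt::URandom from CPAN, that the legacy column holds lowercase hex SHA-256, and hypothetical sub names.

```perl
#!/usr/bin/perl
# Added example, not Comserv's own code: Argon2id hashing with transparent
# migration of legacy unsalted SHA-256 hashes. Assumes Crypt::Argon2 and
# Crypt::URandom from CPAN; sub names and the legacy hex layout are assumptions.
use strict;
use warnings;
use Crypt::Argon2 qw(argon2id_pass argon2id_verify);
use Crypt::URandom qw(urandom);
use Digest::SHA qw(sha256_hex);

# Argon2id parameters: 3 passes, 64 MiB memory, 1 lane, 32-byte tag, 16-byte
# random salt. The encoded string (~97 chars) needs the widened 255-char column.
sub hash_password {
    my ($plaintext) = @_;
    return argon2id_pass($plaintext, urandom(16), 3, '64M', 1, 32);
}

# Returns (verified, new_hash_or_undef). A defined second value means the
# caller must persist it: a legacy SHA-256 hash was just upgraded.
sub check_password {
    my ($stored, $plaintext) = @_;
    if ($stored =~ /^\$argon2id\$/) {
        return (argon2id_verify($stored, $plaintext) ? 1 : 0, undef);
    }
    # Legacy format: 64 lowercase hex chars = unsalted SHA-256 (User.pm:279)
    if ($stored =~ /^[0-9a-f]{64}$/) {
        my $computed = sha256_hex($plaintext);
        # Constant-time compare: XOR the strings and count the non-zero bytes,
        # so the legacy path does not leak how many leading bytes matched.
        my $mismatch = length($computed) != length($stored)
                    || ($computed ^ $stored) =~ tr/\0//c;
        return (0, undef) if $mismatch;
        return (1, hash_password($plaintext));   # rehash on successful login
    }
    return (0, undef);   # unrecognised format: never accept it
}

# Usage sketch for Model/User.pm: persist $new_hash when it is defined.
# my ($ok, $new_hash) = check_password($row->password, $submitted);
# $row->update({ password => $new_hash }) if $ok && defined $new_hash;
1;
```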

Action 4: Session & CSRF Security (G.4) - Thu-Fri Jan 9-10

Tasks:

  • Enable cookie_secure flag for production environments (Comserv.pm lines 88-95)
  • Add cookie_samesite = 'Strict' to session configuration
  • Implement CSRF tokens in all POST/PUT/DELETE actions
  • Update all forms to include hidden CSRF token input
  • Create session base controller to enforce CSRF validation

Testing: Test CSRF token mismatch scenarios, verify session state

Effort: 5-6 hours
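The session base controller and cookie settings the tasks above call for, as an added example that is not Comserv's own code. The base class creates one random token per session, stashes it for the hidden form input, and refuses any POST/PUT/DELETE/PATCH whose token does not match. Assumes Catalyst with Plugin::Session, Crypt::URandom from CPAN, and a hypothetical package name.

```perl
package Comserv::ControllerBase::CSRF;   # hypothetical base class name
# Added example, not Comserv's own code: a base controller that hands every
# template a CSRF token and rejects state-changing requests that lack it.
# Assumes Catalyst with Plugin::Session and Crypt::URandom from CPAN.
use Moose;
use namespace::autoclean;
use Crypt::URandom qw(urandom);
use MIME::Base64 qw(encode_base64url);
BEGIN { extends 'Catalyst::Controller' }

# Comserv.pm session config to pair with this (replaces cookie_secure => 0):
#   'Plugin::Session' => { cookie_secure   => 1,        # HTTPS only
#                          cookie_httponly => 1,        # not readable by scripts
#                          cookie_samesite => 'Strict' }, # no cross-site sends

# One token per session, created lazily and reused for the session's lifetime.
sub csrf_token {
    my ($self, $c) = @_;
    return $c->session->{csrf_token} //= encode_base64url(urandom(32));
}

# Runs before every action in controllers that extend this class.
sub auto : Private {
    my ($self, $c) = @_;
    $c->stash->{csrf_token} = $self->csrf_token($c);   # for the hidden form input
    return 1 if $c->req->method !~ /^(?:POST|PUT|DELETE|PATCH)$/i;

    my $expected = $c->session->{csrf_token};
    my $given    = $c->req->param('csrf_token') // $c->req->header('X-CSRF-Token') // '';
    # Constant-time compare: XOR the strings and count the non-zero bytes.
    my $mismatch = length($given) != length($expected)
                || ($given ^ $expected) =~ tr/\0//c;
    if ($mismatch) {
        $c->log->warn(sprintf 'CSRF token mismatch: %s %s from %s',
                      $c->req->method, $c->req->path, $c->req->address);
        $c->res->status(403);
        $c->res->body('Forbidden: invalid or missing CSRF token');
        return 0;   # a false return from auto stops the dispatch chain
    }
    return 1;
}

# Each form template then includes:
#   <input type="hidden" name="csrf_token" value="[% csrf_token | html %]">

__PACKAGE__->meta->make_immutable;
1;
```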

Full Vulnerability Matrix

ID | Vulnerability | Severity | CVSS | Impact | Location
1 | SQL Injection | CRITICAL | 9.8 | Database compromise, unauthorized data access, data modification, system takeover | Admin.pm:330 (database name), Admin.pm:348 (table name)
2 | Command Injection (Shell Execution) | CRITICAL | 9.8 | Remote code execution, system compromise, data theft, privilege escalation | Admin.pm backticks (df, uptime, git commands in get_system_stats)
3 | Weak Password Hashing (No Salt) | CRITICAL | 8.1 | Credential compromise via brute force (SHA-256 is fast), rainbow table attacks, account takeover | Controller/User.pm:279 hash_password() uses SHA256 unsalted
4 | Session Cookie Insecurity | HIGH | 7.5 | Session hijacking via MITM attacks, account takeover, session fixation | Comserv.pm:88-95 cookie_secure=0, missing SameSite attribute
5 | No CSRF Protection | HIGH | 7.5 | Unauthorized form submissions, data manipulation, account takeover | All controllers - no CSRF token validation in POST/PUT/DELETE handlers
6 | Hardcoded Admin Bypass | HIGH | 8.8 | Account compromise = full admin access, privilege escalation, system compromise | Util/AdminAuth.pm:45 hardcoded 'Shanta' + 'ai_assistant' usernames grant automatic admin
7 | Weak Encryption (AES-256-CBC, No PBKDF2) | HIGH | 7.5 | Encrypted credential compromise, key derivation attacks, brute force | Util/Encryption.pm iterations=1 (should be 10k+), plaintext key files
8 | Insecure Session State Storage | HIGH | 7.5 | Unauthorized session access, privilege escalation, data theft | Comserv.pm:94 dir=/tmp/session_data (world-readable), loose permissions
9 | Insufficient Input Validation | MEDIUM | 5.3 | XSS attacks, injection attacks, data corruption | Controller/User.pm:611 register() only checks field existence, not format/length
10 | Sensitive Data in Logs | MEDIUM | 5.3 | User enumeration, credential leakage via logs, information disclosure | Controller/User.pm logs username in plaintext during auth attempts
11 | Missing Security Headers | MEDIUM | 3.7 | Clickjacking attacks, XSS attacks, MIME-type sniffing | All controllers - missing X-Frame-Options, X-Content-Type-Options, HSTS
12 | Insecure Encryption Key Storage | MEDIUM | 5.3 | Encryption key compromise, credential decryption, plaintext credential recovery | Util/Encryption.pm keys in /config (world-readable if not chmod 600)
13 | Missing Logging for Auth Events | MEDIUM | 4.2 | Undetected brute force attacks, missing audit trail for security incidents | Controller/User.pm logs failures but no rate limiting or alerting

Individual Remediation Plans (G.1 - G.6)

G.1: SQL Injection Remediation

Plan: G.1_SQLInjection_Fixes.tt (To be created)

Severity: 🔴 CRITICAL | Timeline: Week 1 (Jan 6-7) | Effort: 3-4 hours

Files: Admin.pm (lines 330, 348), other SQL-related code

G.2: Command Injection Prevention

Plan: G.2_CommandInjection_Prevention.tt (To be created)

Severity: 🔴 CRITICAL | Timeline: Week 1 (Jan 7-8) | Effort: 4-5 hours

Files: Admin.pm (get_system_stats, backtick usage)

G.3: Password Hashing Migration (SHA-256 → Argon2)

Plan: G.3_PasswordHashing_Argon2.tt (To be created)

Severity: 🔴 CRITICAL | Timeline: Week 1-2 (Jan 8-12) | Effort: 6-8 hours

Files: Controller/User.pm, Model/User.pm, Schema migration

G.4: Session & CSRF Security Hardening

Plan: G.4_Session_CSRF_Security.tt (To be created)

Severity: 🟠 HIGH | Timeline: Week 1-2 (Jan 9-12) | Effort: 5-6 hours

Files: Comserv.pm (session config), all POST/PUT/DELETE controllers

G.5: Encryption & Key Management Hardening

Plan: G.5_Encryption_KeyManagement.tt (To be created)

Severity: 🟠 HIGH | Timeline: Week 2-3 (Jan 13-19) | Effort: 5-6 hours

Files: Util/Encryption.pm, key file management

G.6: Input Validation & Security Headers

Plan: G.6_InputValidation_SecurityHeaders.tt (To be created)

Severity: 🟡 MEDIUM | Timeline: Week 2-3 (Jan 13-19) | Effort: 4-5 hours

Files: All controllers, Root.pm (headers), User.pm (registration)

Implementation Timeline & Sequencing

Week 1 Timeline (Jan 6-12, 2026)

Day | Task | Duration | Deliverable
Mon 6th | G.1: SQL Injection Analysis & Fixes | 3-4 hrs | Fixed Admin.pm, test suite, PR ready
Tue 7th | G.2: Command Injection Prevention | 4-5 hrs | IPC::Run implementation, system_stats() updated, tests
Wed 8th | G.3a: Password Hashing Analysis & Schema Update | 3 hrs | Schema migration, backward compatibility plan
Thu 9th | G.3b: Argon2 Implementation (parallel: G.5 Encryption Design) | 3 hrs + 2 hrs | User.pm updated with Argon2, migration script ready
Fri 10th | G.4a: Session & CSRF Implementation | 3 hrs | Comserv.pm updated, CSRF token generation
Sat 11th | G.4b: CSRF Token Integration (Forms) | 2 hrs | All forms updated with tokens, controllers validate
Sun 12th | G.1-G.4 Testing & Validation | 3 hrs | Full security test suite, all PRs reviewed

Week 2 Timeline (Jan 13-19, 2026)

Day | Task | Duration | Deliverable
Mon 13th | G.5: Encryption Key Management Hardening | 3 hrs | PBKDF2 implementation, key file permissions (chmod 600)
Tue 14th | G.5 Continuation & Documentation | 2 hrs | Encryption.pm updated, secure key rotation guide
Wed 15th | G.6: Input Validation (User Registration) | 2 hrs | Data::Validate integration, regex patterns, tests
Thu 16th | G.6: Security Headers Implementation | 2 hrs | X-Frame-Options, X-Content-Type-Options, HSTS added to Root.pm
Fri 17th | Security Audit Logging & Monitoring Setup | 3 hrs | Hashed username logging, rate limiting config, alerting rules
Sat 18th | G.1-G.6 Comprehensive Testing & Documentation | 4 hrs | Full security test coverage, OWASP checklist, documentation
Sun 19th | Security Plan Validation & Master Plan Integration | 2 hrs | All G.1-G.6 PRs merged, security.md updated, master plan updated

Dependency Analysis

Execution Dependencies

Optimal Execution Sequence: G.1 first (CRITICAL), then parallel tracks: (G.2 + G.3 + G.4) in parallel with G.5, then G.6 last

Integration with Master Plan

🔗 How Security Fits into Master Plan Top 10

Security Category G (New): Adds 6 security remediation plans to master plan structure

Top 10 Updated (Jan 5, 2026):

  1. ✅ G.1: SQL Injection Fixes (CRITICAL)
  2. ✅ G.2: Command Injection Prevention (CRITICAL)
  3. ✅ G.3: Password Hashing Migration (CRITICAL)
  4. ✅ A.2: K8s Readiness (CRITICAL) - Parallel track
  5. ✅ A.1: K8s Migration (CRITICAL) - Parallel track
  6. ✅ G.4: Session & CSRF Security (HIGH) - Parallel track
  7. ✅ E.1: AI Chat System (HIGH) - Feature development
  8. ✅ G.5: Encryption & Key Management (HIGH) - Parallel track
  9. ✅ B.1/B.2: Bug Fixes (HIGH) - Ongoing
  10. ✅ G.6: Input Validation & Headers (MEDIUM) - Final hardening

Compliance & Standards

Alignment with Security Standards

Success Criteria

By End of Week 2 (Jan 19, 2026):

[% INCLUDE footer.tt %]