You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I checked other issues already, but found no answer/solution
I checked the documentation and wiki, but found no answer/solution
I am running the latest version and the issue still occurs
I am sure that this issue is about SteVe (and not about the charging station software or something unrelated to SteVe)
Specifications
SteVe Version : 3.6.0
Operating system : Ubuntu 22.04.1
JDK : openjdk version "11.0.20.1"
Database : version 1.0.3
Issue Description
A potential issue in the Steve OCPP server's transaction handling has been identified, where a StopTransaction message with a meterStop value less than the meterStart value provided in the corresponding StartTransaction could lead to billing discrepancies.
Steps to Reproduce
Send a StartTransaction message with a meterStart value.
Later, send a StopTransaction message with a meterStop value that is less than the meterStart value.
Note the server's acceptance of the transaction and the resulting billing calculation.
Expected Behavior
The server should validate meterStop values to ensure they are equal to or greater than meterStart values to prevent billing errors.
Actual Behavior
The server accepts a StopTransaction message with a meterStop value less than the meterStart value, potentially leading to incorrect billing.
The text was updated successfully, but these errors were encountered:
I'm reaching out for an update regarding this issue.
We are in the process of submitting Common Vulnerabilities and Exposures (CVEs) related to this matter. However, we can wait if you are in the process of fixing it.
Additionally, we intend to publish our findings in an academic paper.
Your prompt response and attention to this matter would be greatly appreciated as it will greatly inform our next steps.
Checklist
Specifications
Issue Description
A potential issue in the Steve OCPP server's transaction handling has been identified, where a
StopTransaction
message with ameterStop
value less than themeterStart
value provided in the correspondingStartTransaction
could lead to billing discrepancies.Steps to Reproduce
StartTransaction
message with ameterStart
value.StopTransaction
message with ameterStop
value that is less than themeterStart
value.Expected Behavior
The server should validate
meterStop
values to ensure they are equal to or greater thanmeterStart
values to prevent billing errors.Actual Behavior
The server accepts a
StopTransaction
message with ameterStop
value less than themeterStart
value, potentially leading to incorrect billing.The text was updated successfully, but these errors were encountered: