Impact
An unknown number of users experienced issues when trying to access the Scope section of the Platform. The issue started on UTC-5 24-03-12 17:03 and was reactively discovered 17 hours (TTD) later by a client who reported through our help desk [1] that when attempting to access the Scope section, the platform displayed an Access denied message. The problem was resolved in 9.8 hours (TTF), resulting in a total window of exposure of 1.1 days (WOE) [2].
Cause
Users with User, Reviewer, and Vulnerability Manager roles encountered access issues in the Scope section, receiving an Access denied message due to insufficient permissions [3].
Solution
The necessary permissions were assigned to the affected roles [4].
Conclusion
Permissions were not properly assigned, leading to access issues for certain roles. To prevent similar occurrences in the future, thorough testing of functionalities for all roles will be implemented [5]. INCOMPLETE_PERSPECTIVE < MISSING_TEST