Platform's Scope section issues

Incident Report for Fluid Attacks

Postmortem

Impact

An unknown number of users experienced issues when trying to access the Scope section of the Platform. The issue started on UTC-5 24-03-12 17:03 and was reactively discovered 17 hours (TTD) later by a client who reported through our help desk [1] that when attempting to access the Scope section, the platform displayed an Access denied message. The problem was resolved in 9.8 hours (TTF), resulting in a total window of exposure of 1.1 days (WOE) [2].

Cause

Users with User, Reviewer, and Vulnerability Manager roles encountered access issues in the Scope section, receiving an Access denied message due to insufficient permissions [3].

Solution

The necessary permissions were assigned to the affected roles [4].

Conclusion

Permissions were not properly assigned, leading to access issues for certain roles. To prevent similar occurrences in the future, thorough testing of functionalities for all roles will be implemented [5]. INCOMPLETE_PERSPECTIVE < MISSING_TEST

Posted Mar 14, 2024 - 15:53 GMT-05:00

Resolved

The incident has been resolved, and users can now access the Scope section without any difficulties.
Posted Mar 13, 2024 - 20:03 GMT-05:00

Identified

Issues accessing the Scope section for certain roles.
Posted Mar 13, 2024 - 14:35 GMT-05:00
This incident affected: Platform.