Uploaded image for project: 'ZABBIX BUGS AND ISSUES'
  1. ZABBIX BUGS AND ISSUES
  2. ZBX-1341

permissions not enforced on api

    XMLWordPrintable

    Details

    • Type: Incident report
    • Status: Closed
    • Priority: Blocker
    • Resolution: Fixed
    • Affects Version/s: 1.9.0 (alpha)
    • Fix Version/s: None
    • Component/s: API (A)
    • Labels:
      None
    • Environment:
      rev 8369

      Description

      it seems that no permission limits are enforced when using api - logged in as monitoring access with read only access to single hostgroup, was able to access all configured hosts, all user information including password hashes etc

        Attachments

          Activity

            People

            Assignee:
            Unassigned Unassigned
            Reporter:
            richlv richlv
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: