Loading...

XML

Word

Printable

Type: Defect (Security)
Resolution: Fixed
Priority: Trivial
Fix Version/s: 5.4.0alpha1, 5.4 (plan)
Affects Version/s: 5.0.1
Component/s: API (A), Frontend (F)
Labels:
- security

Sprint:
Sprint 68 (Sep 2020), Sprint 69 (Oct 2020), Sprint 70 (Nov 2020), Sprint 71 (Dec 2020)
Story Points:
1

Steps to reproduce:

Add PSK encyption under Administation>General>Autoregistration, after updating, PSK is hidden
Create autoregistration action to add host
Have Zabbix server autoregister another host with the same PSK
Go to configuration>Hosts>Autoregistered host>Encryption - PSK is visible in plain text

At this point, Administration section is available only to Super Admins and PSK is hidden there, but Configuration section is available to Administators, where they can see PSK in plain text.

Expected:
PSK under host info should be hidden

causes

ZBX-19555 `inventory_mode` not returned anymore in API call `host.get` since upgrade to 5.4

Closed

depends on

ZBXNEXT-3497 auto-registration with TLS (PSK)

Closed

is duplicated by

ZBXNEXT-6018 Secret encryption details in the frontend

Closed

Assignee:: Vladimirs Maksimovs

Reporter:: Renats Valiahmetovs (Inactive)

Team:: Team D

Votes:: 0 Vote for this issue

Watchers:: 9 Start watching this issue

Created:: 2020 Jul 23 12:06

Updated:: 2024 Apr 10 17:24

Resolved:: 2020 Dec 28 21:35

Details

Description

Attachments

Issue Links

Activity

People

Dates