Unable to access vulnerable findings
Incident Report for Fluid Attacks


At least three organizations were denied access to findings with vulnerable status. The issue started on UTC-5 23-06-29 14:08 and was reactively discovered 4 days (TTD) later by a user who reported through our help desk [1] that our Agent was blocking the execution of his pipeline due to a vulnerability found when accessing the platform. In the vulnerabilities view, the vulnerability was not listed. The problem was resolved in 1 day (TTF) resulting in a total impact of 5 days (TTR).


We encountered a problem updating our indicators. Changes introduced in the merge request [2], changes were introduced in which some methods lacked tests, the methods directly dependent on those values were not considered, and no test failed.


We introduced the solution in a merge request [3], which updated the correct values of the findings, allowing them to be displayed.


A new issue [4] has been created to change the method and use the new values for the filter to work correctly. INCOMPLETE_PERSPECTIVE

Posted Sep 18, 2023 - 21:40 GMT-05:00

The problem has been resolved and the vulnerabilities can now be accessed normally.
Posted Aug 04, 2023 - 13:25 GMT-05:00
Some users are receiving an access denied message when trying to access the findings.
Posted Jul 03, 2023 - 15:04 GMT-05:00
This incident affected: Platform.