Unable to access vulnerable findings
Incident Report for Fluid Attacks
Postmortem

Impact

At least three organizations were denied access to findings with vulnerable status. The issue started on UTC-5 23-06-29 14:08 and was reactively discovered 4 days (TTD) later by a user who reported through our help desk [1] that our Agent was blocking the execution of his pipeline due to a vulnerability found when accessing the platform. In the vulnerabilities view, the vulnerability was not listed. The problem was resolved in 1 day (TTF) resulting in a total impact of 5 days (TTR).

Cause

We encountered a problem updating our indicators. Changes introduced in the merge request [2], changes were introduced in which some methods lacked tests, the methods directly dependent on those values were not considered, and no test failed.

Solution

We introduced the solution in a merge request [3], which updated the correct values of the findings, allowing them to be displayed.

Conclusion

A new issue [4] has been created to change the method and use the new values for the filter to work correctly. INCOMPLETE_PERSPECTIVE

Posted Sep 18, 2023 - 21:40 GMT-05:00
Resolved
The problem has been resolved and the vulnerabilities can now be accessed normally.
Posted Aug 04, 2023 - 13:25 GMT-05:00
Identified
Some users are receiving an access denied message when trying to access the findings.
Posted Jul 03, 2023 - 15:04 GMT-05:00
This incident affected: Platform.
Current Status Powered by Atlassian Statuspage