Last Modified: Nov 07, 2022
Known Affected Versions:
11.6.0, 11.6.0 HF1, 11.6.0 HF2, 11.6.0 HF3, 11.6.0 HF4, 11.6.0 HF5, 11.6.0 HF6, 11.6.0 HF7, 11.6.0 HF8, 11.6.1, 11.6.1 HF1, 11.6.1 HF2, 11.6.2, 11.6.2 HF1, 11.6.3, 18.104.22.168, 22.214.171.124, 126.96.36.199, 188.8.131.52, 11.6.4, 11.6.5, 184.108.40.206, 220.127.116.11, 18.104.22.168
Opened: Jul 15, 2014 Severity: 4-Minor
If a user is logged into the GUI, and that user's account has a role added through TMSH, the user is not logged out of the GUI. Other actions result in the user being logged out the GUI, as expected. All changes to the user's account in the GUI will log out the edited user.
User is not logged out of the GUI for the "add role" action. No real impact is recorded on the user's experience or on the security of the GUI.
The user must be logged into the GUI, another user adds a role to the user's account at the same time via TMSH.