Last Modified: Sep 13, 2023
Affected Product(s):
BIG-IP GTM
Known Affected Versions:
11.5.4, 11.5.5, 11.5.6, 11.5.7, 11.5.8, 11.5.9, 11.5.10, 11.6.1, 11.6.2, 11.6.3, 11.6.3.1, 11.6.3.2, 11.6.3.3, 11.6.3.4, 11.6.4, 11.6.5, 11.6.5.1, 11.6.5.2, 11.6.5.3, 12.0.0, 12.0.0 HF1, 12.1.0 HF1, 12.0.0 HF2, 12.1.0 HF2, 12.0.0 HF3, 12.0.0 HF4, 12.1.1 HF1, 12.1.1 HF2, 12.1.2 HF1, 12.1.2 HF2, 12.1.0, 12.1.1, 12.1.2, 12.1.3, 12.1.3.1, 12.1.3.2, 12.1.3.3, 12.1.3.4, 12.1.3.5, 12.1.3.6, 13.0.0
Fixed In:
13.1.0, 13.0.0 HF1, 12.1.3.7
Opened: Jan 04, 2017 Severity: 3-Major
While logged in as a Manager role, if a user attempts to modify an object this role does not have access to, the GUI will post a validation error.
The system posts generic validation errors when Create, Update, Delete actions are initiated by a user without proper permissions. These permissions are not allowed for the Manager, but the GUI makes it appear as if they are.
This occurs when users in the Manager role make changes to Datacenter links/servers/prober-pool/Topology.
None.
The GUI now properly hides or disables the action buttons if a user does not have proper permissions to perform the action.