Last Modified: Oct 06, 2020
See more info
Known Affected Versions:
6.0.1, 126.96.36.199, 188.8.131.52
Opened: Nov 28, 2018
When saving changes to a user group you are a part of, the save operation fails with a message: PUT to /mgmt/cm/system/authn/providers/radius/[some_uuid]/user-groups/[some_other_uuid] is unauthorized.
Edits to the user group fail, making the user group almost uneditable.
-- Active user is configured with the Administrators Role. -- That user is in a user group. -- That user then attempts to edit the user group.
The user group can be edited by logging in as a different administrator user who is not in the user group. This may or may not be feasible for third-party authentication users, but should be available for the default local admin, 'admin.'
All Administrator users can now edit all user groups, even if they are a member of the user group being edited.