Bug ID 979205: Applications Page displays statistics for applications the user does not have permissions to view

Last Modified: Jul 12, 2023

Affected Product(s):
BIG-IQ AppIQ(all modules)

Known Affected Versions:
8.0.0, 8.0.0.1

Opened: Jan 06, 2021

Severity: 4-Minor

Symptoms

Since application and application service permissions are assigned separately to the user, using separate roles, it is possible to give a user permissions to view/manage application services but not to the application they are contained in. In such a scenario, the user would not be able to see view the application and application aggregated statistics in the application page grid/tile view section. This is by design. However, the user would be able to see, in the applications page summary bar, aggregated statistics for applications that contain application services which the user has permissions to see.

Impact

The ability to view statistics for permitted application services from an application (application name) the user is not permitted to view.

Conditions

A user is assigned view/manage permissions for application services but is not assigned view/manage permissions for the application which contains those application services.

Workaround

None

Fix Information

None

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips