PacketFence - BTS - PacketFence | |||||
| View Issue Details | |||||
| ID | Project | Category | View Status | Date Submitted | Last Update |
| 0001778 | PacketFence | security | public | 2014-03-20 12:25 | 2014-03-20 21:07 |
| Reporter | lpelet | ||||
| Assigned To | francis | ||||
| Priority | high | Severity | major | Reproducibility | always |
| Status | resolved | Resolution | fixed | ||
| Platform | All | OS | All | OS Version | All |
| Product Version | 4.0.0 | ||||
| Target Version | Fixed in Version | 4.1.1 | |||
| fixed in git revision | 27bd6016b8a13638b2c6c06061f4ad4ecf9588c1 | ||||
| fixed in mtn revision | |||||
| Summary | 0001778: admin user gain role default | ||||
| Description | In the database schema >= 4.0.0, we define the user admin with the category = 1. It lets the user admin to gain the role default if authenticated on the captive portal. Verify that your admin password is strong else users can guess it and register devices with role default. If you don't use the user admin on the captive portal, remove this capability on the user tab in users properties for admin. | ||||
| Steps To Reproduce | |||||
| Additional Information | |||||
| Tags | No tags attached. | ||||
| Relationships | |||||
| Attached Files | |||||
| Issue History | |||||
| Date Modified | Username | Field | Change | ||
| 2014-03-20 12:25 | lpelet | New Issue | |||
| 2014-03-20 21:07 | francis | fixed in git revision | => 27bd6016b8a13638b2c6c06061f4ad4ecf9588c1 | ||
| 2014-03-20 21:07 | francis | Status | new => resolved | ||
| 2014-03-20 21:07 | francis | Fixed in Version | => 4.1.1 | ||
| 2014-03-20 21:07 | francis | Resolution | open => fixed | ||
| 2014-03-20 21:07 | francis | Assigned To | => francis | ||
| There are no notes attached to this issue. |