ts-2024-004
Vulnerability from tailscale
Description: Unclear network flow logs collection status for alpha testers.
What happened?
When network flow logs first entered private alpha, tailnet admins who were interested in testing out the feature had to request to be manually opted into the alpha testing track. When we subsequently introduced admin console settings for self-serve network flow logs for the public beta launch, these settings were not properly connected to the alpha testing track. As a result, for the small number of tailnets that volunteered for alpha testing, the admin console interface did not show that logs were still being collected as initially requested.
We fixed this bug on April 25, 2024 and the admin console now correctly shows the status of network flow logs for all users.
Who was affected?
15 tailnets were opted into network flow log collection through the alpha testing track that did not re-enroll through the admin console. We notified security contacts for the affected tailnets about this bug.
What was the impact?
The admin panel did not reflect the correct status for network flow log collection for affected tailnets, and admins of these tailnets may not have realized that network flow logs were still being collected.
What do I need to do?
No action is needed at this time.
Show details on source website{
"guidislink": false,
"id": "https://tailscale.com/security-bulletins/#ts-2024-004",
"link": "https://tailscale.com/security-bulletins/#ts-2024-004",
"links": [
{
"href": "https://tailscale.com/security-bulletins/#ts-2024-004",
"rel": "alternate",
"type": "text/html"
}
],
"published": "Mon, 06 May 2024 00:00:00 GMT",
"summary": "\u003cp\u003e\u003cstrong\u003e\u003cem\u003eDescription\u003c/em\u003e\u003c/strong\u003e: Unclear network flow logs collection status for alpha testers.\u003c/p\u003e\n\u003ch5\u003eWhat happened?\u003c/h5\u003e\n\u003cp\u003eWhen \u003ca href=\"https://tailscale.com/kb/1219/network-flow-logs\"\u003enetwork flow logs\u003c/a\u003e first entered private alpha, tailnet admins who were interested in testing out the feature had to request to be manually opted into the alpha testing track. When we subsequently introduced admin console settings for self-serve network flow logs for the public beta launch, these settings were not properly connected to the alpha testing track. As a result, for the small number of tailnets that volunteered for alpha testing, the admin console interface did not show that logs were still being collected as initially requested.\u003c/p\u003e\n\u003cp\u003eWe fixed this bug on April 25, 2024 and the admin console now correctly shows the status of network flow logs for all users.\u003c/p\u003e\n\u003ch5\u003eWho was affected?\u003c/h5\u003e\n\u003cp\u003e15 tailnets were opted into network flow log collection through the alpha testing track that did not re-enroll through the admin console. We notified security contacts for the affected tailnets about this bug.\u003c/p\u003e\n\u003ch5\u003eWhat was the impact?\u003c/h5\u003e\n\u003cp\u003eThe admin panel did not reflect the correct status for network flow log collection for affected tailnets, and admins of these tailnets may not have realized that network flow logs were still being collected.\u003c/p\u003e\n\u003ch5\u003eWhat do I need to do?\u003c/h5\u003e\n\u003cp\u003eNo action is needed at this time.\u003c/p\u003e",
"summary_detail": {
"base": "https://tailscale.com/security-bulletins/index.xml",
"language": null,
"type": "text/html",
"value": "\u003cp\u003e\u003cstrong\u003e\u003cem\u003eDescription\u003c/em\u003e\u003c/strong\u003e: Unclear network flow logs collection status for alpha testers.\u003c/p\u003e\n\u003ch5\u003eWhat happened?\u003c/h5\u003e\n\u003cp\u003eWhen \u003ca href=\"https://tailscale.com/kb/1219/network-flow-logs\"\u003enetwork flow logs\u003c/a\u003e first entered private alpha, tailnet admins who were interested in testing out the feature had to request to be manually opted into the alpha testing track. When we subsequently introduced admin console settings for self-serve network flow logs for the public beta launch, these settings were not properly connected to the alpha testing track. As a result, for the small number of tailnets that volunteered for alpha testing, the admin console interface did not show that logs were still being collected as initially requested.\u003c/p\u003e\n\u003cp\u003eWe fixed this bug on April 25, 2024 and the admin console now correctly shows the status of network flow logs for all users.\u003c/p\u003e\n\u003ch5\u003eWho was affected?\u003c/h5\u003e\n\u003cp\u003e15 tailnets were opted into network flow log collection through the alpha testing track that did not re-enroll through the admin console. We notified security contacts for the affected tailnets about this bug.\u003c/p\u003e\n\u003ch5\u003eWhat was the impact?\u003c/h5\u003e\n\u003cp\u003eThe admin panel did not reflect the correct status for network flow log collection for affected tailnets, and admins of these tailnets may not have realized that network flow logs were still being collected.\u003c/p\u003e\n\u003ch5\u003eWhat do I need to do?\u003c/h5\u003e\n\u003cp\u003eNo action is needed at this time.\u003c/p\u003e"
},
"title": "TS-2024-004",
"title_detail": {
"base": "https://tailscale.com/security-bulletins/index.xml",
"language": null,
"type": "text/plain",
"value": "TS-2024-004"
}
}
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.