ts-2024-006
Vulnerability from tailscale
Description: Tailnet SSO provider migration impacting invited users
What happened?
When tailnets are created, they are associated with an SSO provider such as Google or Microsoft, requiring all members of the tailnet to authenticate using that provider. In addition, Tailscale also supports inviting external users to tailnets to allow sharing with contractors, friends, or other collaborators who may use a different SSO provider than that of the inviting tailnet to log in to Tailscale.
Customers with an existing tailnet who wish to use a different SSO provider can request to migrate via customer support. The internal tool used to perform these migrations previously migrated the SSO provider for all members of a tailnet, including those of invited external members.
We fixed this internal tool on May 20, 2024, so that it migrates only direct tailnet members, excluding invited members.
We reverted the erroneous SSO provider changes and notified affected users on May 23, 2024.
Who was affected?
55 users were invited external members of tailnets whose SSO provider was subsequently migrated prior to May 20, 2024. We have notified the security contacts for the tailnets where users were affected by this incident.
What was the impact?
Users whose SSO providers were erroneously migrated would have been unable to log in to Tailscale during this time, as their SSO source would differ from the one on record.
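The following is an added illustrative model of the behaviour described under "What happened?" and "What was the impact?": the pre-fix migration that rewrote the provider on record for every member, the fixed migration that skips invited members, and a login check that fails when a user's actual SSO source no longer matches the record. It is constructed for this bulletin and is not Tailscale's internal tool; the data model, field names and sample members are assumptions.

```python
from dataclasses import dataclass, field
from typing import Callable, Dict

# Constructed model of the bulletin's scenario. Not Tailscale's internal
# migration tool; the field names and sample data below are assumptions.

@dataclass
class Member:
    login: str
    sso_on_record: str     # provider the tailnet expects this user to arrive from
    invited: bool = False  # True for external users invited into the tailnet

@dataclass
class Tailnet:
    sso_provider: str
    members: Dict[str, Member] = field(default_factory=dict)

def migrate_sso_buggy(tailnet: Tailnet, new_provider: str) -> None:
    """Pre-fix behaviour: rewrites the provider on record for all members,
    including invited users who never authenticated with the tailnet's provider."""
    tailnet.sso_provider = new_provider
    for m in tailnet.members.values():
        m.sso_on_record = new_provider

def migrate_sso_fixed(tailnet: Tailnet, new_provider: str) -> None:
    """Post-fix behaviour: only direct members follow the tailnet's provider;
    invited members keep the provider they were invited with."""
    tailnet.sso_provider = new_provider
    for m in tailnet.members.values():
        if not m.invited:
            m.sso_on_record = new_provider

def can_log_in(tailnet: Tailnet, login: str, presented_provider: str) -> bool:
    """Login succeeds only when the SSO source the user actually arrives from
    matches the one on record; a mismatch is the lockout the bulletin describes."""
    m = tailnet.members.get(login)
    return m is not None and m.sso_on_record == presented_provider

def demo_tailnet() -> Tailnet:
    """Constructed sample: one direct member on Google, one invited GitHub user."""
    t = Tailnet(sso_provider="google")
    t.members["alice@example.com"] = Member("alice@example.com", "google")
    t.members["bob@contractor.example"] = Member("bob@contractor.example", "github", invited=True)
    return t

def invited_user_locked_out(migrate: Callable[[Tailnet, str], None]) -> bool:
    """True if the invited user can no longer log in after running `migrate`."""
    t = demo_tailnet()
    migrate(t, "microsoft")
    return not can_log_in(t, "bob@contractor.example", "github")
```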
What do I need to do?
No action is needed at this time.