TS-2024-006
Vulnerability from tailscale - Published: Wed, 22 May 2024 00:00:00 GMT
Description: Tailnet SSO provider migration impacting invited users
What happened?
When tailnets are created, they are associated with an SSO provider such as Google or Microsoft, requiring all members of the tailnet to authenticate using that provider. In addition, Tailscale also supports inviting external users to tailnets to allow sharing with contractors, friends, or other collaborators who may use a different SSO provider than that of the inviting tailnet to log in to Tailscale.
Customers with an existing tailnet who wish to use a different SSO provider can request to migrate via customer support. The internal tool used to perform these migrations previously migrated the SSO provider for all members of a tailnet, including invited external members.
On May 20, 2024, we fixed this internal tool to migrate only direct tailnet members, excluding invited members.
We reverted the erroneous SSO provider changes and notified affected users on May 23, 2024.
Who was affected?
55 users were invited external members of tailnets whose SSO provider was subsequently migrated prior to May 20, 2024. We have notified the security contacts for the tailnets where users were affected by this incident.
What was the impact?
Users whose SSO providers were erroneously migrated would have been unable to log in to Tailscale during this time, as their SSO source would differ from the one on record.
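As an added illustration, not Tailscale's code (the bulletin does not publish the migration tool or its data model), the following Go sketch models the scope bug described under "What happened?" and the lockout described under "What was the impact?": a migration routine whose pre-fix scope rewrites every member's provider on record, the fixed scope that touches direct members only, the login check that fails when the provider a user authenticates with differs from the one on record, and a snapshot-and-revert step of the kind a remediation needs. The types, function names, provider strings and sample e-mail addresses are all constructed for this example.

```go
package main

import (
	"fmt"
	"sort"
)

// Membership separates direct members (tailnet SSO) from invited external users
// (own provider).
type Membership int

const (
	Direct Membership = iota
	Invited
)

// User is a tailnet member together with the identity provider on record.
type User struct {
	Membership Membership
	Provider   string // e.g. "google", "microsoft", "github"
}

// Tailnet is a constructed, simplified model: the tailnet's SSO provider and
// its members keyed by email.
type Tailnet struct {
	Provider string
	Members  map[string]*User
}

// migrateProvider switches the tailnet to newProvider and rewrites the provider
// on record for its members. includeInvited=true reproduces the pre-fix tool,
// which also rewrote invited users; false is the fixed, direct-members-only
// scope. It returns the number of accounts changed.
func migrateProvider(tn *Tailnet, newProvider string, includeInvited bool) int {
	tn.Provider = newProvider
	n := 0
	for _, u := range tn.Members {
		if u.Membership == Invited && !includeInvited {
			continue
		}
		u.Provider = newProvider
		n++
	}
	return n
}

// canLogIn models the check that locked affected users out: the provider a user
// authenticates with must equal the provider on record for their account.
func canLogIn(tn *Tailnet, email, authenticatedWith string) bool {
	u, ok := tn.Members[email]
	return ok && u.Provider == authenticatedWith
}

// snapshotProviders records every member's provider before a migration so that
// out-of-scope changes can be identified and reverted afterwards.
func snapshotProviders(tn *Tailnet) map[string]string {
	snap := make(map[string]string, len(tn.Members))
	for email, u := range tn.Members {
		snap[email] = u.Provider
	}
	return snap
}

// erroneousChanges returns, sorted, the invited users whose provider on record
// differs from the snapshot: the accounts a revert has to restore.
func erroneousChanges(tn *Tailnet, before map[string]string) []string {
	var out []string
	for email, u := range tn.Members {
		if u.Membership == Invited && before[email] != u.Provider {
			out = append(out, email)
		}
	}
	sort.Strings(out)
	return out
}

// revertErroneousChanges restores the snapshot provider for each account that
// erroneousChanges reports and returns how many it restored.
func revertErroneousChanges(tn *Tailnet, before map[string]string) int {
	changed := erroneousChanges(tn, before)
	for _, email := range changed {
		tn.Members[email].Provider = before[email]
	}
	return len(changed)
}

// sampleTailnet is constructed data: two direct Google members and one external
// user invited from a GitHub account.
func sampleTailnet() *Tailnet {
	return &Tailnet{Provider: "google", Members: map[string]*User{
		"alice@example.com":        {Membership: Direct, Provider: "google"},
		"bob@example.com":          {Membership: Direct, Provider: "google"},
		"carol@contractor.example": {Membership: Invited, Provider: "github"},
	}}
}

func main() {
	tn := sampleTailnet()
	before := snapshotProviders(tn)
	fmt.Println("pre-fix scope changed", migrateProvider(tn, "microsoft", true), "accounts")
	fmt.Println("invited user can log in with github:", canLogIn(tn, "carol@contractor.example", "github"))
	fmt.Println("restored", revertErroneousChanges(tn, before), "account(s)")
}
```

With the pre-fix scope the invited user's provider on record becomes "microsoft", so a login through their own GitHub identity no longer matches and fails; with the fixed scope only the two direct members move and the invited user is untouched. Taking a snapshot before any bulk identity change is what makes the revert mechanical rather than a manual reconstruction.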
What do I need to do?
No action is needed at this time.
Source record
- Bulletin: https://tailscale.com/security-bulletins/#ts-2024-006
- Feed: https://tailscale.com/security-bulletins/index.xml
- Title: TS-2024-006
- Published: Wed, 22 May 2024 00:00:00 GMT
- Documentation linked from the bulletin: https://tailscale.com/kb/1013/sso-providers (SSO providers) and https://tailscale.com/kb/1271/invite-any-user (invite any user)
Sightings
| Author | Source | Type | Date |
|---|---|---|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.