Impact
An unknown number of internal users with the Customer Manager role experienced issues when attempting to access groups. The issue started on UTC-5 25-06-12 21:48 and was proactively discovered 3.4 days (TTD) later by a staff member who reported through our help desk [1] that the platform triggered an Access denied error message, preventing regular access to the groups. The issue was limited to this specific role and did not affect users with other permissions. The problem was resolved in 1.4 hours (TTF), resulting in a total window of exposure of 3.5 days (WOE) [2].
Cause
There was a formatting mistake in the file that defines what the Customer Manager role is allowed to do. Specifically, a small but important separator (a comma) was missing, which caused the system to ignore the entire set of permissions for that role. As a result, users with that role were blocked from accessing areas they normally should have access to [3].
Solution
The formatting error was corrected by adding the missing comma, which allowed the system to properly recognize the role and apply the correct permissions. This restored access for users with the Customer Manager role [4].
Conclusion
This incident underscores the importance of validating configuration syntax during development. Automated checks will be added to catch similar errors earlier in the deployment process. FAILED_LINTER < NO_SPECIFIED
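A pre-deployment check of the kind the conclusion calls for, as an added example rather than the platform's own code. It assumes the role file is JSON (the report does not name the format); the role keys, permission strings and `check_roles` are hypothetical.

```python
import json

# Constructed sample: hypothetical role file in JSON (format is an assumption).
VALID = """{
  "customer_manager": ["groups:read", "groups:write"],
  "user": ["groups:read"]
}"""

# The same file with the comma between the two role entries removed.
BROKEN = VALID.replace('"groups:write"],', '"groups:write"]')


def _no_duplicates(pairs):
    """object_pairs_hook that rejects repeated keys instead of keeping the last."""
    seen = {}
    for key, value in pairs:
        if key in seen:
            raise ValueError(f"duplicate key {key!r}")
        seen[key] = value
    return seen


def check_roles(text, required_roles):
    """Return a list of problems; an empty list means the file may be deployed."""
    try:
        roles = json.loads(text, object_pairs_hook=_no_duplicates)
    except json.JSONDecodeError as exc:
        # Report where parsing stopped so the missing separator is easy to find.
        return [f"syntax error at line {exc.lineno}, column {exc.colno}: {exc.msg}"]
    except ValueError as exc:
        return [str(exc)]
    if not isinstance(roles, dict):
        return ["top level must be an object mapping role -> permissions"]
    problems = []
    for role in required_roles:
        perms = roles.get(role)
        if perms is None:
            problems.append(f"role {role!r} is not defined")
        elif not isinstance(perms, list) or not perms:
            # Catches the symptom from this incident: a role left with nothing.
            problems.append(f"role {role!r} has no permissions")
        elif not all(isinstance(p, str) and p for p in perms):
            problems.append(f"role {role!r} has a malformed permission entry")
    return problems


if __name__ == "__main__":
    for name, text in (("valid", VALID), ("broken", BROKEN)):
        print(name, check_roles(text, ["customer_manager", "user"]) or "ok")
```

Run as a required pipeline step, a non-empty result blocks the deployment, so both the syntax error and a role that resolves to an empty permission set are caught before users see Access denied.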