Security Issue in API Classic Portal "User can see all developers under the "Organization Developers" tab

book

Article ID: 193511

calendar_today

Updated On:

Products

CA API Gateway API SECURITY CA API Gateway Precision API Monitoring Module for API Gateway (Layer 7) CA API Gateway Enterprise Service Manager (Layer 7) STARTER PACK-7 CA Microgateway

Issue/Introduction

In certain special situations a normal developer with Organization Admin rights could see all developers under the "Organization Developers" tab in Classic API Portal .


Environment

Release : 9.4

Component : API GATEWAY

Resolution

The problem is related to a defect DE459908 which is fixed in CR16 

Upgrade to portal CR16 as soon as possible