A change in the production environment is the root cause of the broad outage suffered by Salesforce.
The service disruption affected its Pardot B2B marketing automation system, the cloud CRM company’s change broke access privileges settings across organizations and gave customers access to all of their respective company’s files.
“One of our projects had all its profiles modified to enable modify all, allowing all users access to all data.” reported a user on Reddit.
In response to the incident, Salesforce has denied all access to a hundred of cloud instances that host Pardot users, the blocked the access for any other user to the same systems, even if they were not using Pardot.
Salesforce customers have been unable to access the service since 09:56 PDT (16:56 UTC) on Friday.
“The deployment of a database script resulted in granting users broader data access than intended,” reads a note published by the company. “To protect our customers, we have blocked access to all instances that contain affected customers until we can complete the removal of the inadvertent permissions in the affected customer orgs.”
Below the message published by Patrick Harris, Salesforce CTO and co-founder:
A few hours ago, Salesforce informed its users that it was able to restore access to most of its services, this means that the users experienced at least 15 hours of service disruption. Unfortunately, some organizations may still face problems, according to the latest notice issued by the CRM firm administrators will have to manually repair user account permissions.
“We have restored administrators’ access to all orgs affected by the recent permissions issue and have prepared a set of instructions for admins that may need guidance on how to manually restore user permissions. We have updated the instructions to include guidance for Field Service Lightning administrators.” states the company. “Those instructions can be found in this Known Issue article: http://sfdc.co/PermSetKI. In parallel, we are working on an automated provisioning fix to allow us to restore user permissions to where they were before the incident occurred.”
The company warns that a limited number of admins may still be experiencing issues such as logging in to their organizations or modifying permissions.
If you appreciate my effort in spreading cybersecurity awareness, please vote
for Security Affairs in the section “Your Vote for the Best EU Security
Tweeter”
Thank you
[adrotate banner=”9″] | [adrotate banner=”12″] |
(SecurityAffairs – Salesforce, outage)
[adrotate banner=”5″]
[adrotate banner=”13″]
A ransomware attack on a Swedish logistics company Skanlog severely impacted the country's liquor supply. …
CISA adds Cisco ASA and FTD and CrushFTP VFS vulnerabilities to its Known Exploited Vulnerabilities…
U.S. CISA added the Windows Print Spooler flaw CVE-2022-38028 to its Known Exploited Vulnerabilities catalog.…
The U.S. Department of Justice (DoJ) announced the arrest of two co-founders of a cryptocurrency mixer…
Google addressed a critical Chrome vulnerability, tracked as CVE-2024-4058, that resides in the ANGLE graphics…
Nation-state actor UAT4356 has been exploiting two zero-days in ASA and FTD firewalls since November…
This website uses cookies.