Circuit Breaker Authorization Issue
Medium
C
Cosmos
Submitted None
Team Summary
Official summary from Cosmos
A bug was discovered in the Cosmos SDK in which an account that has authorization for some messages in the circuit breaker module could reset the circuit breaker for any message, despite not having that permission. An additional authorization check was added to ensure the permission model is correct.
Actions:
Reported by
strikeout
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Submitted
Weakness
Improper Access Control - Generic