Jamf Nation Community

JSt · ‎09-08-2022

EDIT: This seems to be an issue effecting multiple JamfCloud hosted environments. I have Logged a support case with Jamf, as have other community members.
I will keep this thread up to date with any information from Jamf Support.

On two JAMFCloud Jamf Pro instances, running version 10.40.1-t1659581750

I am unable to save a particular script into Jamf, as every time I press Save it results in a 403 - Access Denied

Whilst debugging this I have found that there are certain character combinations that cause this error.

If I try to save a script with the following text only, I will get the 403 error

${a:}${}

the "a" parameter / var can be swapped with any letter or number and it will still cause the error

If the curly braces are not touching the last $ it will save fine, if they are touching however it will error.

There can be text in between the first ${a:} and the second ${} and it will still crash.
The lines can even be commented out, and it will still crash

e.g. the below will still crash -

#

#${a:}

### asd

#${}

This looks like some strange buffer overflow happening, or validation error crashing the console - rather than an actual access denied, as it is only happening with specific commands.

Does the same happen for anyone else, and is there a reason for this that can be avoided? Or is it a Bug

shannon_pasto · ‎09-08-2022

FYI - Jamf have advised that they recently made a Web Application Firewall (WAF) change that's causing this. You'll need to contact Jamf support with all of your WAN/external IPs to get them whitelisted. If you're working from home and on DHCP with your ISP you'll need to contact Jamf each time it changes.

I can appreciate that this is a security measure but it's a major annoyance as fas as I'm concerned. I've expressed my concern and asked for the issue to be escalated. In the meantime send Jamf your IPs or use Jamf Admin to upload new/edited scripts.

Cheers,

Shannon

View solution in original post

Shaunn_brown · ‎09-08-2022

This is happening to me also, on at least 2 JAMFCloud.com instances -

VERSION

10.40.1-t1659581750

It does not happen to me on a JAMF Pro On-Prem,

VERSION

10.37.2-t1648851072

JSt · ‎09-08-2022

Yes i have two instances running in Jamfcloud and both are showcasing this issue.
Looks to be an issue their end then

Shaunn_brown · ‎09-08-2022

Will you be opening a support ticket on it?

JSt · ‎09-08-2022

I certainly will now I know its not just me who is affected, thanks for the reply

Brett_Cox · ‎09-08-2022

I have this issue as well. Noticed it yesterday (Sep-8-2022)

JSt · ‎09-08-2022

interesting, I know my jamfcloud instance was updated this week so potentially related to this recent update.

npynenberg · ‎09-08-2022

Same for our cloud instance. I opened a ticket.

shannon_pasto · ‎09-08-2022

FYI - Jamf have advised that they recently made a Web Application Firewall (WAF) change that's causing this. You'll need to contact Jamf support with all of your WAN/external IPs to get them whitelisted. If you're working from home and on DHCP with your ISP you'll need to contact Jamf each time it changes.

I can appreciate that this is a security measure but it's a major annoyance as fas as I'm concerned. I've expressed my concern and asked for the issue to be escalated. In the meantime send Jamf your IPs or use Jamf Admin to upload new/edited scripts.

Cheers,

Shannon

Shaunn_brown · ‎09-09-2022

wow, I am now glad I've got more On-Prem JAMF's than Cloud... still gonna be a pain in the .. .. .. neck.

Shaunn_brown · ‎09-09-2022

I gotta ask though, what did you mean use JAMF Admin to upload new and edited scripts. I've never seen that capability in it. Packages yes, scripts no.

JSt · ‎09-09-2022

You can actually just drag text files into the scripts area via JamfAdmin, and then rename them to .sh

This is the workaround we have been using so far, following the 403 issues on the web ui

the process is explained here: https://docs.jamf.com/10.24.1/jamf-pro/administrator-guide/Managing_Scripts.html

Shaunn_brown · ‎09-09-2022

Many thanks! Totally makes sense that it would work like that, I just hadn't dug into JAMF Admin that far yet.

Brett_Cox · ‎09-09-2022

As of today (Sep. 09, 2022) the issue is no longer showing up. I can create new and modify existing scripts without seeing the 403 error. No changes were made by me or JAMF (That I know of) in regards to IP address listings.

JSt · ‎09-09-2022

How strange, I am also now not seeing the issue!
Thanks for bringing to my attention!

batterprize · ‎09-11-2022

I have this issue as well. Noticed it yesterday

backrooms game

shannon_pasto · ‎09-13-2022

I have an update on this one. I escalated to my customer success manager and was given some further information after a bit more of investigation. There appears to have been a temporary WAF rule issue which was causing this on Jamf Cloud. It's now been resolved which is why it has gone for most people (including me).

There is also a know issue with saving scripts with illegal characters in them. It's specific sequence...

:-<letter>

where "<letter>" is just any letter. That's a colon followed by a dash followed by any character. This will cause the 403 error so check your scripts.

Hope this helps everyone

Jamf Nation Community

Certain character combinations in script causing 403 when saving

VERSION

VERSION