Closed AndrewCopeland closed 3 years ago
Kudos, SonarCloud Quality Gate passed!
0 Bugs
0 Vulnerabilities
0 Security Hotspots
0 Code Smells
No Coverage information
0.0% Duplication
@AndrewCopeland I'm getting weird results from this. I don't believe it's the method as we applied it in the CLI. I'm hoping you can test to see if you get similar results.
I created an account test-move
in DemoSafe1
. I then moved it using the Account ID 95_4
to Dummy-Safe
. This created a new Account ID 96_4
. When I run cybr accounts get -i 95_4
it still returns test-move
from DemoSafe1
but I cannot view it in PVWA. Similarly, when I run cybr accounts get -i 96_4
it returns the proper move of test-move
to Dummy-Safe
.
Typically, I wouldn't bat an eye and move on, but I ran cybr accounts get-password -i 95_4
and the old "moved" account returned the set password. This is where it got weird. Technically, this shouldn't return a password or even be an object in existence, however it is.
Thoughts?
I think this may be intended behaviour for the API because of the safe retention period. I will look into it further, odd you can still retrieve the password of a "deleted" account.
I was able to replicate the behavior you were experiencing on my side. Is this expected behaviour of the cyberark rest API?
Apparently, it is.
47
cybr accounts move
command has been added