Publication date: February 10, 2022
Under some circumstances, all users, including users without the
admin role or
CANCELQUERY option, are able to cancel any other users' sessions on the Sessions page of the DB Console on CockroachDB v20.2, v21.1, and v21.2.
This public issue is tracked as #75758.
All deployments up to v20.2.18, v21.1.13, and v21.2.4 are affected.
Users without the appropriate permissions may cancel any other users' sessions from the DB Console.
Questions about any technical alert can be directed to our support team.