Flexera One – APAC – Degraded product functionality

Update timeline

1. investigating Nov 13, 2025, 10:20 AM UTC

   Incident Description: Our teams are currently investigating an issue affecting a subset of Flexera One users in the APAC region, resulting in degraded RBAC(Role-Based Access Control) functionality. Impacted non-admin users are missing several product functionalities due to missing privileges, and administrators were initially unable to create new organizations. Priority: P2 Restoration Activity: Our teams have identified a database-related issue as the underlying cause. They are actively working to restore the appropriate access privileges for all affected users. The ability for administrators to create new organizations has already been fully restored. We will share further updates as they become available.

2. monitoring Nov 13, 2025, 12:08 PM UTC

   Our teams have restored the database, which should fully recover all functionality. We are continuing to monitor the environment to ensure stability and to check for any residual issues.

3. resolved Nov 13, 2025, 12:25 PM UTC

   Our teams have completed all validations and have not identified any further issues. We will continue to further investigate the root cause and will publish our findings in a post-mortem report once available.

4. postmortem Nov 26, 2025, 04:03 PM UTC

   **Description:** Flexera One – APAC – Degraded product functionality **Timeframe:** November 12, 2025, 11:29 PM PST to November 13, 2025, 3:23 AM PST ‌ **Incident Summary** ‌ On Wednesday, November 12, 2025, at 11:29 PM PST, our teams identified issues impacting a segment of Flexera One users in the APAC region. This incident resulted in degraded Role-Based Access Control \(RBAC\) functionality, leaving non-admin users without essential product features due to insufficient access privileges. Additionally, administrators faced challenges in creating new organizations within the platform. The investigation revealed that errors arose following a recent production deployment in the APAC environment on November 10. While the deployment had successfully passed staging validation, unforeseen issues emerged post-release in production. During the investigation, certain diagnostic commands were executed that inadvertently removed database components responsible for storing RBAC privileges, further affecting access for users. By November 13, 2025, at 2:58 AM PST, our teams successfully restored the missing database components necessary for administrators to create new organizations. The complete recovery of the database was achieved by 3:23 AM PST, fully reinstating all RBAC functionalities for the affected users. ‌ **Root Cause** The incident was caused by privilege removal in the database during post-deployment investigation. While the deployment itself did not surface issues in staging, unexpected behavior arose in production. During troubleshooting, the team executed commands intended for analysis, which mistakenly resulted in the deletion of privilege configurations, causing missing RBAC access for non-admin users and temporarily blocking organization creation for administrators. ‌ **Remediation Actions** · **Restore Admin Capabilities:** Reinstated administrator ability to create new organizations by 2:58 AM PST. · **Database Recovery:** Fully restored RBAC privilege data and database functions by 3:23 AM PST. · **Functional Verification:** Validated access restoration across all impacted users and confirmed full service recovery. · **Impact Closure Review:** Completed review to ensure no further degradation or user impact remains. ‌ **Future Preventative Measures** · **Pre-Execution Safety Controls:** Review existing documentation and approval steps before execution of impactful DB/privilege commands in production environments. · **Expanded Deployment Testing:** Increase test coverage for RBAC permission behaviour and include production-like validation checks. · **Access-Sensitive Command Safeguards:** Restrict execution of high-impact database statements behind protected access layers and peer approvals.