zCat on Nostr: Critical Vulnerability Discovered in SailPoint IdentityIQ SailPoint this week warned ...
Critical Vulnerability Discovered in SailPoint IdentityIQ
SailPoint this week warned that a critical-severity vulnerability in the identity and access management (IAM) platform IdentityIQ could allow attackers to access restricted files.
SailPoint’s IdentityIQ IAM platform provides full lifecycle and compliance management capabilities covering provisioning, access requests, certifications, and segregation of duties.
The critical issue, tracked as CVE-2024-10905, has a CVSS score of 10/10 and is described as an improper access control flaw. The bug is, essentially, a directory traversal flaw that affects all IdentityIQ versions up to patch levels 8.4p2, 8.3p5, and 8.2p8.
See more: https://www.securityweek.com/critical-vulnerability-discovered-in-sailpoint-identityiq/
#cybersecurity #identityiq
SailPoint this week warned that a critical-severity vulnerability in the identity and access management (IAM) platform IdentityIQ could allow attackers to access restricted files.
SailPoint’s IdentityIQ IAM platform provides full lifecycle and compliance management capabilities covering provisioning, access requests, certifications, and segregation of duties.
The critical issue, tracked as CVE-2024-10905, has a CVSS score of 10/10 and is described as an improper access control flaw. The bug is, essentially, a directory traversal flaw that affects all IdentityIQ versions up to patch levels 8.4p2, 8.3p5, and 8.2p8.
See more: https://www.securityweek.com/critical-vulnerability-discovered-in-sailpoint-identityiq/
#cybersecurity #identityiq