The vulnerability of the One Identity Manager’s control mechanism for user identification, access rights, and security policies, related to the insecure direct object reference (IDOR), allows attackers to escalate their privileges.

The vulnerability of the User Identification, Access Rights, and Security Policies management tool, One Identity Manager, is related to an insecure direct reference to an object IDOR due to a bypass of authentication using data that are assumed to be immutable. Exploiting this vulnerability can...

CVE-2024-56404

In One Identity Identity Manager 9.x before 9.3, an insecure direct object reference IDOR vulnerability allows privilege escalation. Only On-Premise installations are affected...

CVE-2024-56404

In One Identity Identity Manager 9.x before 9.3, an insecure direct object reference IDOR vulnerability allows privilege escalation. Only On-Premise installations are affected...

CVE-2024-56404

In One Identity Identity Manager 9.x before 9.3, an insecure direct object reference IDOR vulnerability allows privilege escalation. Only On-Premise installations are affected...

CVE-2024-56404

In One Identity Identity Manager 9.x before 9.3, an insecure direct object reference IDOR vulnerability allows privilege escalation. Only On-Premise installations are affected...

CVE-2024-56404

CVE-2024-56404 – One Identity Identity Manager : Affects One Identity Identity Manager 9.x before 9.3 (On-Premise). The issue is an insecure direct object reference (IDOR) that enables privilege escalation. Reported CVSSv3.1 base score 9.9 (CRITICAL) with network attack vector, low attack complex...

One Identity Identity Manager 安全漏洞

One Identity Identity Manager is an identity management software from One Identity USA. A security vulnerability exists in One Identity Identity Manager version 9.x through versions prior to 9.3. An attacker could exploit the vulnerability to escalate privileges...