SailPoint IdentityIQ 安全漏洞

SailPoint IdentityIQ is a security software developed by SailPoint Corporation. It provides credit monitoring, identity protection, and antivirus features. SailPoint IdentityIQ has a security vulnerability that stems from allowing authenticated identity roles to edit role definitions without havi...

CVE-2026-4857 SailPoint IdentityIQ Debug UI Incorrect Authorization

IdentityIQ 8.5, all IdentityIQ 8.5 patch levels prior to 8.5p2, IdentityIQ 8.4, and all IdentityIQ 8.4 patch levels prior to 8.4p4 allow authenticated users assigned the Debug Pages Read Only capability or any custom capability with the ViewAccessDebugPage SPRight to incorrectly create new...

CVE-2026-4857 SailPoint IdentityIQ Debug UI Incorrect Authorization

IdentityIQ 8.5, all IdentityIQ 8.5 patch levels prior to 8.5p2, IdentityIQ 8.4, and all IdentityIQ 8.4 patch levels prior to 8.4p4 allow authenticated users assigned the Debug Pages Read Only capability or any custom capability with the ViewAccessDebugPage SPRight to incorrectly create new...

SailPoint IdentityIQ 安全漏洞

SailPoint IdentityIQ is a complete solution from SailPoint that utilizes artificial intelligence and machine learning to enable seamless automated provisioning. A security vulnerability exists in SailPoint IdentityIQ that stems from the fact that certain IdentityIQ Web services can set the...

Critical SailPoint IdentityIQ Vulnerability Exposes Files to Unauthorized Access

A critical security vulnerability has been disclosed in SailPoint's IdentityIQ identity and access management IAM software that allows unauthorized access to content stored within the application directory. The flaw, tracked as CVE-2024-10905 , has a CVSS score of 10.0, indicating maximum severit...

SailPoint IdentityIQ 安全漏洞

SailPoint IdentityIQ is a security software from SailPoint, Inc. which provides credit monitoring, identity insurance, and antivirus. A security vulnerability exists in SailPoint IdentityIQ that originates from allowing HTTP access to static content in the application catalog that should be...

PT-2024-19297

Name of the Vulnerable Software and Affected Versions SailPoint IdentityIQ affected versions not specified Description The issue is a path traversal vulnerability in JavaServer Faces JSF that allows access to arbitrary files in the application server file system. This can be exploited by an...

SailPoint IdentityIQ Security Vulnerability

SailPoint IdentityIQ is a security software from SailPoint, Inc. which provides credit monitoring, identity insurance, and antivirus. A security vulnerability exists in SailPoint IdentityIQ Lifecycle Manager that stems from improperly limiting parameter values...

CVE-2023-32217 SailPoint IdentityIQ Unsafe use of Reflection Vulnerability

IdentityIQ 8.3 and all 8.3 patch levels prior to 8.3p3, IdentityIQ 8.2 and all 8.2 patch levels prior to 8.2p6, IdentityIQ 8.1 and all 8.1 patch levels prior to 8.1p7, IdentityIQ 8.0 and all 8.0 patch levels prior to 8.0p6 allow an authenticated user to invoke a Java constructor with no arguments...

CVE-2022-45435 SailPoint IdentityIQ Access Control Bypass

IdentityIQ 8.3 and all 8.3 patch levels prior to 8.3p2, IdentityIQ 8.2 and all 8.2 patch levels prior to 8.2p5, IdentityIQ 8.1 and all 8.1 patch levels prior to 8.1p7, IdentityIQ 8.0 and all 8.0 patch levels prior to 8.0p6, and all prior versions allow authenticated users assigned the Identity...