Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 10:55 a.m.5 views

CVE-2022-23855

An issue was discovered in Saviynt Enterprise Identity Cloud EIC 5.5 SP2.x. An authentication bypass in ECM/maintenance/forgotpasswordstep1 allows an unauthenticated user to reset passwords and login as any local account...

9.8CVSS7.2AI score0.01712EPSS
Exploits1References1
NVD
NVD
added 2022/01/24 2:15 a.m.17 views

CVE-2022-23855

An issue was discovered in Saviynt Enterprise Identity Cloud EIC 5.5 SP2.x. An authentication bypass in ECM/maintenance/forgotpasswordstep1 allows an unauthenticated user to reset passwords and login as any local account...

9.8CVSS0.01712EPSS
Exploits1References1
CVE
CVE
added 2022/01/24 1:43 a.m.54 views

CVE-2022-23855

Saviynt Enterprise Identity Cloud (EIC) 5.5 SP2.x contains an authentication bypass in ECM/maintenance/forgotpasswordstep1 that allows an unauthenticated user to reset passwords and log in as any local account. Root cause: bypass in forgotpasswordstep1. Publicly available fix details are not prov...

9.8CVSS9.3AI score0.01712EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2022/01/24 1:43 a.m.22 views

CVE-2022-23856

An issue was discovered in Saviynt Enterprise Identity Cloud EIC 5.5 SP2.x. An attacker can enumerate users by changing the id parameter, such as for the ECM/maintenance/forgotpasswordstep1 URI...

5.6AI score0.00955EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2022/01/24 12:0 a.m.4 views

PT-2022-16294 · Saviynt · Saviynt Enterprise Identity Cloud

Name of the Vulnerable Software and Affected Versions: Saviynt Enterprise Identity Cloud EIC version 5.5 SP2.x Description: An issue was discovered that allows an attacker to enumerate users by changing the id parameter in the "ECM/maintenance/forgotpasswordstep1" API endpoint. Recommendations: F...

5.3CVSS5AI score0.00955EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2022/01/24 12:0 a.m.3 views

PT-2022-16293 · Saviynt · Saviynt Enterprise Identity Cloud

Name of the Vulnerable Software and Affected Versions: Saviynt Enterprise Identity Cloud EIC version 5.5 SP2.x Description: An issue was discovered that allows an authentication bypass. Specifically, the endpoint /ECM/maintenance/forgotpasswordstep1 is vulnerable, enabling an unauthenticated user...

9.8CVSS9.4AI score0.01712EPSS
Exploits1References2
Rows per page
Query Builder