4 matches found
CVE-2024-46999 User Grant Deactivation not Working in Zitadel
Zitadel is an open source identity management platform. ZITADEL's user grants deactivation mechanism did not work correctly. Deactivated user grants were still provided in token, which could lead to unauthorized access to applications and resources. Additionally, the management and auth API alway...
LastPass Parent Company GoTo Suffers Data Breach, Customers' Backups Compromised
LastPass-owner GoTo formerly LogMeIn on Tuesday disclosed that unidentified threat actors were able to steal encrypted backups of some customers' data along with an encryption key for some of those backups in a November 2022 incident. The breach, which targeted a third-party cloud storage service...
OpenIAM Access Control Error Vulnerability
OpenIAM is a fully integrated identity and access management platform. Vulnerabilities exist in OpenIAM versions prior to 4.2.0.3 due to access control errors in the "Create User", "Modify User Privileges" and "Password Reset" operations. No details of the vulnerabilities are available at this ti...
Micro Focus NetIQ eDirectory Login Restriction Vulnerability
Micro Focus NetIQ eDirectory is an identity management infrastructure platform from Micro Focus UK that combines identity management architecture and directory services technology. The platform provides authentication policies, data backup and recovery services, and data disaster recovery. A...