CVE-2024-3317

CVE-2024-3317 involves SailPoint Identity Security Cloud (ISC) message server API showing improper access control. An authenticated user can exfiltrate job processing metadata (opaque messageIDs, work queue depth and counts) for other tenants. This is described across multiple sources (NVD, Red H...