CVE-2024-3319 Security implication in SailPoint Identity Security Cloud IdentityProfile API Endpoints

An issue was identified in the Identity Security Cloud ISC Transform preview and IdentityProfile preview API endpoints that allowed an authenticated administrator to execute user-defined templates as part of attribute transforms which could allow remote code execution on the host...

SailPoint Identity Security Cloud 安全漏洞

SailPoint Identity Security Cloud is a secure identity platform from SailPoint, Inc. A security vulnerability exists in SailPoint Identity Security Cloud that stems from the presence of incorrect access controls that allow authenticated users to disclose job processing metadata from other tenants...

CVE-2022-45435 SailPoint IdentityIQ Access Control Bypass

IdentityIQ 8.3 and all 8.3 patch levels prior to 8.3p2, IdentityIQ 8.2 and all 8.2 patch levels prior to 8.2p5, IdentityIQ 8.1 and all 8.1 patch levels prior to 8.1p7, IdentityIQ 8.0 and all 8.0 patch levels prior to 8.0p6, and all prior versions allow authenticated users assigned the Identity...