CVE-2024-3317
SailPoint Identity Security Cloud Improper Access Control
An improper access control was identified in the Identity Security Cloud (ISC) message server API that allowed an authenticated user to exfiltrate job processing metadata (opaque messageIDs, work queue depth and counts) for other tenants.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Productos afectados
SailPoint · Identity Security Cloud¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →