CVE-2024-3319
Security implication in SailPoint Identity Security Cloud IdentityProfile API Endpoints
An issue was identified in the Identity Security Cloud (ISC) Transform preview and IdentityProfile preview API endpoints that allowed an authenticated administrator to execute user-defined templates as part of attribute transforms which could allow remote code execution on the host.
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Productos afectados
SailPoint · Identity Security Cloud¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →