CVE-2024-3317
SailPoint Identity Security Cloud Improper Access Control
An improper access control was identified in the Identity Security Cloud (ISC) message server API that allowed an authenticated user to exfiltrate job processing metadata (opaque messageIDs, work queue depth and counts) for other tenants.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Produtos afetados
SailPoint · Identity Security CloudQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →