Critical SailPoint IdentityIQ Vulnerability Exposes Files to Unauthorized Access

2024-12-04 05:08

A critical security vulnerability has been disclosed in SailPoint's IdentityIQ identity and access management (IAM) software that allows unauthorized access to content stored within the application directory. The flaw, tracked as CVE-2024-10905, has a CVSS score of 10.0, indicating maximum severity. It affects IdentityIQ versions 8.2. 8.3, 8.4, and other previous versions. IdentityIQ "allows

News URL

https://thehackernews.com/2024/12/critical-sailpoint-identityiq.html

#critical #sailpoint #vulnerability #CVE-2024-10905

Related Vulnerability

DATE	CVE	VULNERABILITY TITLE	RISK
2024-12-02	CVE-2024-10905	IdentityIQ 8.4 and all 8.4 patch levels prior to 8.4p2, IdentityIQ 8.3 and all 8.3 patch levels prior to 8.3p5, IdentityIQ 8.2 and all 8.2 patch levels prior to 8.2p8, and all prior versions allow HTTP/HTTPS access to static content in the IdentityIQ application directory that should be protected.	0.0

News URL

Related news

Related Vulnerability