An improper access control was identified in the Identity Security Cloud (ISC) message server API that allowed an authenticated user to exfiltrate job processing metadata (opaque messageIDs, work queue depth and counts) for other tenants.
References
Link | Resource |
---|---|
https://www.sailpoint.com/security-advisories/ |
Configurations
No configuration.
History
15 May 2024, 16:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-05-15 16:15
Updated : 2024-05-15 16:40
NVD link : CVE-2024-3317
Mitre link : CVE-2024-3317
CVE.ORG link : CVE-2024-3317
JSON object : View
Products Affected
No product.
CWE
CWE-1284
Improper Validation of Specified Quantity in Input