An improper access control was identified in the Identity Security Cloud (ISC) message server API that allowed an authenticated user to exfiltrate job processing metadata (opaque messageIDs, work queue depth and counts) for other tenants.
References
Configurations
No configuration.
History
21 Nov 2024, 09:29
Type | Values Removed | Values Added |
---|---|---|
References | () https://www.sailpoint.com/security-advisories/ - | |
Summary |
|
15 May 2024, 16:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-05-15 16:15
Updated : 2024-11-21 09:29
NVD link : CVE-2024-3317
Mitre link : CVE-2024-3317
CVE.ORG link : CVE-2024-3317
JSON object : View
Products Affected
No product.
CWE
CWE-1284
Improper Validation of Specified Quantity in Input