Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
SailPoint Identity Security Cloud Improper Access Control
Vulnerability Description
An improper access control was identified in the Identity Security Cloud (ISC) message server API that allowed an authenticated user to exfiltrate job processing metadata (opaque messageIDs, work queue depth and counts) for other tenants.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Vulnerability Type
CWE-1284
Vulnerability Title
SailPoint Identity Security Cloud 安全漏洞
Vulnerability Description
SailPoint Identity Security Cloud是SailPoint公司的一个安全的身份平台。 SailPoint Identity Security Cloud存在安全漏洞,该漏洞源于存在不正确的访问控制,允许经过身份验证的用户泄露其他租户的作业处理元数据。
CVSS Information
N/A
Vulnerability Type
N/A