漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
SailPoint Identity Security Cloud Connector File Path Traversal Vulnerability
Vulnerability Description
A file path traversal vulnerability was identified in the DelimitedFileConnector Cloud Connector that allowed an authenticated administrator to set arbitrary connector attributes, including the “file“ attribute, which in turn allowed the user to access files uploaded for other sources.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:N/A:N
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Vulnerability Title
SailPoint Delimited File Connector 安全漏洞
Vulnerability Description
SailPoint Delimited File Connector是SailPoint公司的一种只读且规则驱动的连接器。 SailPoint Delimited File Connector存在安全漏洞,该漏洞源于存在文件路径遍历漏洞,允许经过身份验证的管理员设置任意连接器属性,从而允许用户访问其他源上传的文件。
CVSS Information
N/A
Vulnerability Type
N/A