Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
SailPoint Identity Security Cloud Connector File Path Traversal Vulnerability
Vulnerability Description
A file path traversal vulnerability was identified in the DelimitedFileConnector Cloud Connector that allowed an authenticated administrator to set arbitrary connector attributes, including the “file“ attribute, which in turn allowed the user to access files uploaded for other sources.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:N/A:N
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Vulnerability Title
SailPoint Delimited File Connector 安全漏洞
Vulnerability Description
SailPoint Delimited File Connector是SailPoint公司的一种只读且规则驱动的连接器。 SailPoint Delimited File Connector存在安全漏洞,该漏洞源于存在文件路径遍历漏洞,允许经过身份验证的管理员设置任意连接器属性,从而允许用户访问其他源上传的文件。
CVSS Information
N/A
Vulnerability Type
N/A