IdentityIQ 8.3 and all 8.3 patch levels prior to 8.3p3, IdentityIQ 8.2 and all 8.2 patch levels prior to 8.2p6, IdentityIQ 8.1 and all 8.1 patch levels prior to 8.1p7, IdentityIQ 8.0 and all 8.0 patch levels prior to 8.0p6 allow an authenticated user to invoke a Java constructor with no arguments or a Java constructor with a single Map argument in any Java class available in the IdentityIQ application classpath.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: SailPoint

Published: 2023-05-31T00:00:00

Updated: 2024-08-02T15:10:23.943Z

Reserved: 2023-05-04T20:01:49.973Z

Link: CVE-2023-32217

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2023-06-05T04:15:10.927

Modified: 2024-11-21T08:02:55.330

Link: CVE-2023-32217

cve-icon Redhat

No data.