An improper access control was identified in the Identity Security Cloud (ISC) message server API that allowed an authenticated user to exfiltrate job processing metadata (opaque messageIDs, work queue depth and counts) for other tenants.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: SailPoint

Published: 2024-05-15T15:55:07.011Z

Updated: 2024-08-01T20:05:08.372Z

Reserved: 2024-04-04T16:14:51.162Z

Link: CVE-2024-3317

cve-icon Vulnrichment

Updated: 2024-08-01T20:05:08.372Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-05-15T16:15:10.727

Modified: 2024-11-21T09:29:22.997

Link: CVE-2024-3317

cve-icon Redhat

No data.