An improper access control was identified in the Identity Security Cloud (ISC) message server API that allowed an authenticated user to exfiltrate job processing metadata (opaque messageIDs, work queue depth and counts) for other tenants.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://www.sailpoint.com/security-advisories/ |
History
No history.
MITRE
Status: PUBLISHED
Assigner: SailPoint
Published: 2024-05-15T15:55:07.011Z
Updated: 2024-08-01T20:05:08.372Z
Reserved: 2024-04-04T16:14:51.162Z
Link: CVE-2024-3317
Vulnrichment
Updated: 2024-08-01T20:05:08.372Z
NVD
Status : Awaiting Analysis
Published: 2024-05-15T16:15:10.727
Modified: 2024-11-21T09:29:22.997
Link: CVE-2024-3317
Redhat
No data.