CVE-2024-10905

IdentityIQ Improper Access Control VulnerabilityIdentityIQ Improper Access Control Vulnerability

Description

IdentityIQ 8.4 and all 8.4 patch levels prior to 8.4p2, IdentityIQ 8.3 and all 8.3 patch levels prior to 8.3p5, IdentityIQ 8.2 and all 8.2 patch levels prior to 8.2p8, and all prior versions allow HTTP/HTTPS access to static content in the IdentityIQ application directory that should be protected.

INFO

Published Date :

2024-12-02T14:49:51.199Z

Last Modified :

2025-01-06T17:42:22.215Z

Source :

SailPoint

AFFECTED PRODUCTS

The following products are affected by CVE-2024-10905 vulnerability.

Vendors	Products
Sailpoint	Identityiq

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-10905.

URL	Resource
https://www.sailpoint.com/security-advisories/identityiq-improper-access-control-vulnerability-cve-2024-10905

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact