#CVE202410905

Critical SailPoint IdentityIQ Vulnerability Exposes Files to Unauthorized Access

by

December 4, 2024 at 12:45AM A critical vulnerability (CVE-2024-10905) in SailPoint’s IdentityIQ software allows unauthorized access to application directory content, with a CVSS score of 10.0. Affected versions include 8.2, 8.3, and 8.4, along with their respective patch levels. No security advisory from SailPoint has been released yet. **Meeting Takeaways – December 4, 2024** 1. … Read more

Perfect 10 directory traversal vuln hits SailPoint’s IAM solution

by

December 3, 2024 at 06:55PM SailPoint reported a critical vulnerability (CVE-2024-10905) in its IdentityIQ IAM platform, classified as a directory traversal flaw. Customers are urged to upgrade to versions 8.4p2, 8.3p5, and 8.2p8. No advisory has been issued, and the company did not respond to inquiries about possible exploits. **Meeting Takeaways: Major Vulnerability in SailPoint … Read more