December 6, 2024 at 12:55AM SailPoint warned of a critical vulnerability (CVE-2024-10905) in its IdentityIQ IAM platform that allows unauthorized access to files due to improper access control. Affected versions have a CVSS score of 10/10. E-fixes are available, and users are urged to update promptly to prevent potential data compromise. **Meeting Takeaways: SailPoint IdentityIQ … Read more
December 4, 2024 at 12:45AM A critical vulnerability (CVE-2024-10905) in SailPoint’s IdentityIQ software allows unauthorized access to application directory content, with a CVSS score of 10.0. Affected versions include 8.2, 8.3, and 8.4, along with their respective patch levels. No security advisory from SailPoint has been released yet. **Meeting Takeaways – December 4, 2024** 1. … Read more
December 3, 2024 at 06:55PM SailPoint reported a critical vulnerability (CVE-2024-10905) in its IdentityIQ IAM platform, classified as a directory traversal flaw. Customers are urged to upgrade to versions 8.4p2, 8.3p5, and 8.2p8. No advisory has been issued, and the company did not respond to inquiries about possible exploits. **Meeting Takeaways: Major Vulnerability in SailPoint … Read more