exploitDog

GHSA-44x5-vv7x-rxj5

Опубликовано: 25 янв. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 5.3

Описание

An issue was discovered in Saviynt Enterprise Identity Cloud (EIC) 5.5 SP2.x. An attacker can enumerate users by changing the id parameter, such as for the ECM/maintenance/forgotpasswordstep1 URI.

An issue was discovered in Saviynt Enterprise Identity Cloud (EIC) 5.5 SP2.x. An attacker can enumerate users by changing the id parameter, such as for the ECM/maintenance/forgotpasswordstep1 URI.

Ссылки

EPSS

Процентиль: 38%

0.00165

Низкий

5.3 Medium

CVSS3

CVE ID

Дефекты

CWE-668

Связанные уязвимости

CVE-2022-23856

CVSS3: 5.3

nvd

около 4 лет назад

An issue was discovered in Saviynt Enterprise Identity Cloud (EIC) 5.5 SP2.x. An attacker can enumerate users by changing the id parameter, such as for the ECM/maintenance/forgotpasswordstep1 URI.

EPSS

Процентиль: 38%

0.00165

Низкий

5.3 Medium

CVSS3

CVE ID

Дефекты

CWE-668