Описание
An issue was identified in the Identity Security Cloud (ISC) Transform preview and IdentityProfile preview API endpoints that allowed an authenticated administrator to execute user-defined templates as part of attribute transforms which could allow remote code execution on the host.
EPSS
Процентиль: 88%
0.03831
Низкий
9.1 Critical
CVSS3
Дефекты
CWE-94
Связанные уязвимости
CVSS3: 9.1
github
больше 1 года назад
An issue was identified in the Identity Security Cloud (ISC) Transform preview and IdentityProfile preview API endpoints that allowed an authenticated administrator to execute user-defined templates as part of attribute transforms which could allow remote code execution on the host.
EPSS
Процентиль: 88%
0.03831
Низкий
9.1 Critical
CVSS3
Дефекты
CWE-94