Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Enterprise_identity_cloud
(Saviynt)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 2 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-01-24 | CVE-2022-23855 | An issue was discovered in Saviynt Enterprise Identity Cloud (EIC) 5.5 SP2.x. An authentication bypass in ECM/maintenance/forgotpasswordstep1 allows an unauthenticated user to reset passwords and login as any local account. | Enterprise_identity_cloud | 9.8 | ||
| 2022-01-24 | CVE-2022-23856 | An issue was discovered in Saviynt Enterprise Identity Cloud (EIC) 5.5 SP2.x. An attacker can enumerate users by changing the id parameter, such as for the ECM/maintenance/forgotpasswordstep1 URI. | Enterprise_identity_cloud | 5.3 |