IdentityIQ 8.3 and all 8.3 patch levels prior to 8.3p2, IdentityIQ 8.2 and all 8.2 patch levels prior to 8.2p5, IdentityIQ 8.1 and all 8.1 patch levels prior to 8.1p7, IdentityIQ 8.0 and all 8.0 patch levels prior to 8.0p6 allow access to arbitrary files in the application server filesystem due to a path traversal vulnerability in JavaServer Faces (JSF) 2.2.20 documented in CVE-2020-6950.
References
Link | Resource |
---|---|
https://www.sailpoint.com/security-advisories/sailpoint-identityiq-file-traversal-vulnerability-cve-2022-46835/ | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: SailPoint
Published: 2023-01-31T00:00:00
Updated: 2023-02-02T00:00:00
Reserved: 2022-12-08T00:00:00
Link: CVE-2022-46835
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-01-31T15:15:08.997
Modified: 2023-02-08T02:12:20.943
Link: CVE-2022-46835
JSON object: View
Redhat Information
No data.
CWE