Vulnerability CVE-2022-46835
Published: 2023-01-31

Description:
IdentitylQ 8.3 and all 8.3 patch levels prior to 8.3p2, IdentitylQ 8.2 and all 8.2 patch levels prior to 8.2p5, IdentitylQ 8.1 and all 8.1 patch levels prior to 8.1p7, Identity|Q 8.0 and all 8.0 patch levels prior to 8.0p6 allow access to arbitrary files in the application server filesystem due to a path traversal vulnerability in JavaServer Faces (JSF) 2.2.20 documented in CVE-2020-6950.

 References:
https://www.sailpoint.com/security-advisories/sailpoint-identityiq-file-traversal-vulnerability-cve-2022-46835/
Copyright 2024, cxsecurity.com

 

Back to Top