Skip to main content

CWE-66

Improper Handling of File Names that Identify Virtual Resources

1 CVEs Avg CVSS 9.8 MITRE
1
CRITICAL
0
HIGH
0
MEDIUM
0
LOW
0
POC
0
KEV

Monthly

CVE-2024-10905 CRITICAL Act Now

IdentityIQ 8.4 and all 8.4 patch levels prior to 8.4p2, IdentityIQ 8.3 and all 8.3 patch levels prior to 8.3p5, IdentityIQ 8.2 and all 8.2 patch levels prior to 8.2p8, and all prior versions allow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Identityiq
NVD
CVSS 3.1
9.8
EPSS
1.0%
EPSS 1% CVSS 9.8
CRITICAL Act Now

IdentityIQ 8.4 and all 8.4 patch levels prior to 8.4p2, IdentityIQ 8.3 and all 8.3 patch levels prior to 8.3p5, IdentityIQ 8.2 and all 8.2 patch levels prior to 8.2p8, and all prior versions allow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Identityiq
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy