CVEs (2)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Saviynt 1Enterprise Identity Cloud Nov 21, 2024 Jan 24, 2022 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 An issue was discovered in Saviynt Enterprise Identity Cloud (EIC) 5.5 SP2.x. An attacker can enumerate users by changing the id parameter, such as for the ECM/maintenance/forgotpasswordstep1 URI. |
1Saviynt 1Enterprise Identity Cloud Nov 21, 2024 Jan 24, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 An issue was discovered in Saviynt Enterprise Identity Cloud (EIC) 5.5 SP2.x. An authentication bypass in ECM/maintenance/forgotpasswordstep1 allows an unauthenticated user to reset passwords and login as any local accou...Show more |