Browse all 9 CVE security advisories affecting SailPoint. AI-powered Chinese analysis, POCs, and references for each vulnerability.
SailPoint provides identity governance and administration solutions to manage user access across enterprise systems. Historically, vulnerabilities have included remote code execution, cross-site scripting, and privilege escalation, with nine CVEs currently recorded. The platform's complex integrations and extensive API surface have contributed to security flaws. While no major public incidents have been widely reported, the presence of multiple CVEs indicates potential attack vectors. Organizations using SailPoint should prioritize regular patching and access control reviews to mitigate risks associated with these vulnerabilities.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-2228 | IdentityIQ Authorization of QuickLink Target Identities Vulnerability — IdentityIQCWE-269 | 7.1 | High | 2024-03-22 |
| CVE-2024-2227 | IdentityIQ JavaServer Faces File Path Traversal Vulnerability — IdentityIQCWE-22 | 10.0 | Critical | 2024-03-22 |
| CVE-2024-1714 | Access Request for Entitlement Values with Leading/Trailing Whitespace — IdentityIQCWE-20 | 7.1 | High | 2024-02-21 |
| CVE-2023-32217 | SailPoint IdentityIQ Unsafe use of Reflection Vulnerability — IdentityIQCWE-470 | 9.0 | Critical | 2023-05-31 |
| CVE-2022-45435 | SailPoint IdentityIQ Access Control Bypass — IdentityIQCWE-863 | 6.8 | Medium | 2023-01-31 |
| CVE-2022-46835 | SailPoint IdentityIQ JavaServer File Path Traversal Vulnerability — IdentityIQCWE-22 | 8.8 | High | 2023-01-31 |
This page lists every published CVE security advisory associated with SailPoint. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.