Description
An issue was discovered in Saviynt Enterprise Identity Cloud (EIC) 5.5 SP2.x. An authentication bypass in ECM/maintenance/forgotpasswordstep1 allows an unauthenticated user to reset passwords and login as any local account.
No analysis available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
EUVD |
EUVD-2022-28781 | An issue was discovered in Saviynt Enterprise Identity Cloud (EIC) 5.5 SP2.x. An authentication bypass in ECM/maintenance/forgotpasswordstep1 allows an unauthenticated user to reset passwords and login as any local account. |
References
| Link | Providers |
|---|---|
| https://www.kb.cert.org/vuls/id/692873 |
|
History
No history.
Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-08-03T03:51:45.997Z
Reserved: 2022-01-24T00:00:00.000Z
Link: CVE-2022-23855
No data.
Status : Modified
Published: 2022-01-24T02:15:06.793
Modified: 2026-06-17T04:30:53.540
Link: CVE-2022-23855
No data.
OpenCVE Enrichment
No data.
Weaknesses
-
CWE-640
Weak Password Recovery Mechanism for Forgotten Password
EUVD