Sailpoint Identityiq
7 CVEs affecting Sailpoint Identityiq. Latest disclosed: 2026-04-29. Critical: 2, High: 4.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-2227 | Critical | 10.0 | 2024-03-22 | This vulnerability allows access to arbitrary files in the application server file system due to a path traversal vulnerability in JavaServer Faces (JSF) 2.2.2… |
CVE-2023-32217 | Critical | 9.0 | 2023-05-31 | IdentityIQ 8.3 and all 8.3 patch levels prior to 8.3p3, IdentityIQ 8.2 and all 8.2 patch levels prior to 8.2p6, IdentityIQ 8.1 and all 8.1 patch levels prior t… |
CVE-2022-46835 | High | 8.8 | 2023-01-31 | IdentityIQ 8.3 and all 8.3 patch levels prior to 8.3p2, IdentityIQ 8.2 and all 8.2 patch levels prior to 8.2p5, IdentityIQ 8.1 and all 8.1 patch levels prior t… |
CVE-2026-5712 | High | 8.0 | 2026-04-29 | This vulnerability impacts all versions of IdentityIQ and allows an authenticated identity that is the requestor or assignee of a work item to edit the definit… |
CVE-2024-2228 | High | 7.1 | 2024-03-22 | This vulnerability allows an authenticated user to perform a Lifecycle Manager flow or other QuickLink for a target user outside of the defined QuickLink Popul… |
CVE-2024-1714 | High | 7.1 | 2024-02-21 | An issue exists in all supported versions of IdentityIQ Lifecycle Manager that can result if an entitlement with a value containing leading or trailing whitesp… |
CVE-2022-45435 | Medium | 6.8 | 2023-01-31 | IdentityIQ 8.3 and all 8.3 patch levels prior to 8.3p2, IdentityIQ 8.2 and all 8.2 patch levels prior to 8.2p5, IdentityIQ 8.1 and all 8.1 patch levels prior t… |