Unrated severityNVD Advisory· Published May 31, 2023· Updated Jan 10, 2025
SailPoint IdentityIQ Unsafe use of Reflection Vulnerability
CVE-2023-32217
Description
IdentityIQ 8.3 and all 8.3 patch levels prior to 8.3p3, IdentityIQ 8.2 and all 8.2 patch levels prior to 8.2p6, IdentityIQ 8.1 and all 8.1 patch levels prior to 8.1p7, IdentityIQ 8.0 and all 8.0 patch levels prior to 8.0p6 allow an authenticated user to invoke a Java constructor with no arguments or a Java constructor with a single Map argument in any Java class available in the IdentityIQ application classpath.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2prior to 8.3p3, 8.2p6, 8.1p7, 8.0p6+ 1 more
- (no CPE)range: prior to 8.3p3, 8.2p6, 8.1p7, 8.0p6
- (no CPE)range: 8.3
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.