High severity8.0NVD Advisory· Published Apr 29, 2026· Updated May 5, 2026
CVE-2026-5712
CVE-2026-5712
Description
This vulnerability impacts all versions of IdentityIQ and allows an authenticated identity that is the requestor or assignee of a work item to edit the definition of a role without having an assigned capability that would allow role editing.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
11cpe:2.3:a:sailpoint:identityiq:*:*:*:*:*:*:*:*+ 10 more
- cpe:2.3:a:sailpoint:identityiq:*:*:*:*:*:*:*:*range: <8.3
- cpe:2.3:a:sailpoint:identityiq:8.3:-:*:*:*:*:*:*
- cpe:2.3:a:sailpoint:identityiq:8.3:patch1:*:*:*:*:*:*
- cpe:2.3:a:sailpoint:identityiq:8.3:patch2:*:*:*:*:*:*
- cpe:2.3:a:sailpoint:identityiq:8.3:patch4:*:*:*:*:*:*
- cpe:2.3:a:sailpoint:identityiq:8.4:-:*:*:*:*:*:*
- cpe:2.3:a:sailpoint:identityiq:8.4:patch1:*:*:*:*:*:*
- cpe:2.3:a:sailpoint:identityiq:8.4:patch2:*:*:*:*:*:*
- cpe:2.3:a:sailpoint:identityiq:8.5:-:*:*:*:*:*:*
- cpe:2.3:a:sailpoint:identityiq:8.5:patch1:*:*:*:*:*:*
- (no CPE)range: all versions
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.