Soffid

CVEs (2)

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2024-39669	Soffidiam Soffid	Cri	0.64	9.8	0.00		Jun 27, 2024	In the Console in Soffid IAM before 3.5.39, necessary checks were not applied to some Java objects. A malicious agent could possibly execute arbitrary code in the Sync Server and compromise security.
CVE-2017-9363	Soffidiam IAM	Cri	0.64	9.8	0.04		Jun 2, 2017	Untrusted Java serialization in Soffid IAM console before 1.7.5 allows remote attackers to achieve arbitrary remote code execution via a crafted authentication request.

CVE-2024-39669CriJun 27, 2024
Soffidiam
Soffid
risk 0.64cvss 9.8epss 0.00
In the Console in Soffid IAM before 3.5.39, necessary checks were not applied to some Java objects. A malicious agent could possibly execute arbitrary code in the Sync Server and compromise security.
CVE-2017-9363CriJun 2, 2017
Soffidiam
IAM
risk 0.64cvss 9.8epss 0.04
Untrusted Java serialization in Soffid IAM console before 1.7.5 allows remote attackers to achieve arbitrary remote code execution via a crafted authentication request.