VYPR
Vendor

Saviynt

Products
4
CVEs
5
Across products
5
Status
Private

Products

4

Recent CVEs

5
  • CVE-2022-23855CriJan 24, 2022
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered in Saviynt Enterprise Identity Cloud (EIC) 5.5 SP2.x. An authentication bypass in ECM/maintenance/forgotpasswordstep1 allows an unauthenticated user to reset passwords and login as any local account.

  • CVE-2025-3838MedApr 21, 2025
    risk 0.40cvss epss 0.00

    An Improper Authorization vulnerability was identified in the EOL OVA based connect component which is deployed for installation purposes in the customer internal network. Under certain conditions, this could allow a bad actor to gain unauthorized access to the local db…

  • CVE-2025-3837MedApr 21, 2025
    risk 0.40cvss epss 0.00

    An improper input validation vulnerability is identified in the End of Life (EOL) OVA based connect component which is deployed for installation purposes in the customer internal network. This EOL component was deprecated in September 2023 with end of support extended till…

  • CVE-2022-23856MedJan 24, 2022
    risk 0.35cvss 5.3epss 0.01

    An issue was discovered in Saviynt Enterprise Identity Cloud (EIC) 5.5 SP2.x. An attacker can enumerate users by changing the id parameter, such as for the ECM/maintenance/forgotpasswordstep1 URI.

  • CVE-2025-3840LowApr 21, 2025
    risk 0.14cvss epss 0.00

    An improper neutralization of input vulnerability was identified in the End of Life (EOL) OVA based connect installer component which is deployed for installation purposes in a customer network. This EOL component was deprecated in September 2023 with end of support extended…