CVE-2024-56404

Critical

In One Identity Identity Manager 9.x before 9.3, an insecure direct object reference (IDOR) vulnerability allows privilege escalation. Only…

mitre·CWE-302·Published 2025-01-24

CVSS

9.9

EPSS

0.01

KEV

Exploits

cve.orgen

178 chars

In One Identity Identity Manager 9.x before 9.3, an insecure direct object reference (IDOR) vulnerability allows privilege escalation. Only On-Premise installations are affected.

NVDen

178 chars

In One Identity Identity Manager 9.x before 9.3, an insecure direct object reference (IDOR) vulnerability allows privilege escalation. Only On-Premise installations are affected.

En One Identity Identity Manager 9.x anterior a 9.3, una vulnerabilidad de referencia directa a objetos (IDOR) insegura permite la escalada de privilegios. Solo se ven afectadas las instalaciones locales.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	cve.org	9.9	—	—	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
3.1	Primary	cve.org	9.9	—	—	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
3.1	Secondary	NVD	9.9	3.1	6.0	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H