CVE-2024-2227

CVSS V2 None CVSS V3 None

Description

This vulnerability allows access to arbitrary files in the application server file system due to a path traversal vulnerability in JavaServer Faces (JSF) 2.2.20 documented in CVE-2020-6950. The remediation for this vulnerability contained in this security fix provides additional changes to the remediation announced in May 2021 tracked by ETN IIQSAW-3585 and January 2024 tracked by IIQFW-336. This vulnerability in IdentityIQ is assigned CVE-2024-2227.

Overview

CVE ID
CVE-2024-2227

Assigner
SailPoint

Vulnerability Status
PUBLISHED

Published Version
2024-03-22T15:43:12.869Z

Last Modified Date
2024-03-22T15:43:12.869Z

Weakness Enumerations

CWE	URL
CWE-22	http://cwe.mitre.org/data/definitions/22.html

References

Reference URL	Reference Tags
https://www.sailpoint.com/security-advisories/

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2024-2227
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2227

History

Created	Old Value	New Value	Data Type	Notes
2024-06-25 23:25:35				Added to TrackCVE