CVE-2026-5712
EUVD-2026-2626029.04.2026, 18:16
This vulnerability impacts all versions of IdentityIQ and allows an authenticated identity that is the requestor or assignee of a work item to edit the definition of a role without having an assigned capability that would allow role editing.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| sailpoint | identityiq | 𝑥 < 8.3 |
| sailpoint | identityiq | 8.3 |
| sailpoint | identityiq | 8.3:patch1 |
| sailpoint | identityiq | 8.3:patch2 |
| sailpoint | identityiq | 8.3:patch4 |
| sailpoint | identityiq | 8.4 |
| sailpoint | identityiq | 8.4:patch1 |
| sailpoint | identityiq | 8.4:patch2 |
| sailpoint | identityiq | 8.5 |
| sailpoint | identityiq | 8.5:patch1 |
𝑥
= Vulnerable software versions