SailPoint IdentityIQ Debug UI Incorrect Authorization_CVE-2026-4857

8.4 / 10

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H

Description

IdentityIQ 8.5, all
IdentityIQ 8.5 patch levels prior to 8.5p2, IdentityIQ 8.4, and all IdentityIQ
8.4 patch levels prior to 8.4p4 allow authenticated users assigned the Debug
Pages Read Only capability or any custom capability with the ViewAccessDebugPage
SPRight to incorrectly create new IdentityIQ objects. Until a remediating security fix or patches
containing this security fix are installed, the Debug Pages Read Only
capability and any custom capabilities that contain the ViewAccessDebugPage
SPRight should be unassigned from all identities and workgroups.

Basic Information

ID CVE-2026-4857

Source SailPoint

Published Apr 15, 2026 at 18:08

Modified Apr 15, 2026 at 18:32

Affected Product

Vendor SailPoint Technologies

Product IdentityIQ

Version 8.5

Affected Versions SailPoint Technologies IdentityIQ 8.5
SailPoint Technologies IdentityIQ 8.4

CWE Classification

CWE-863

References

www.sailpoint.com /security-advisories/sailpoint-identityiq-debug-ui-incorrect-authorization-vulnerability-cve-2026-4857

{
    "lastseen": "",
    "description": "IdentityIQ 8.5, all\nIdentityIQ 8.5 patch levels prior to 8.5p2, IdentityIQ 8.4, and all IdentityIQ\n8.4 patch levels prior to 8.4p4 allow authenticated users assigned the Debug\nPages Read Only capability or any custom capability with the ViewAccessDebugPage\nSPRight to incorrectly create new IdentityIQ objects.\u00a0 Until a remediating security fix or patches\ncontaining this security fix are installed, the Debug Pages Read Only\ncapability and any custom capabilities that contain the ViewAccessDebugPage\nSPRight should be unassigned from all identities and workgroups.",
    "published": "2026-04-15T18:08:45.737Z",
    "modified": "2026-04-15T18:32:51.546Z",
    "type": "cve",
    "title": "SailPoint IdentityIQ Debug UI Incorrect Authorization",
    "source": "SailPoint",
    "references": "https://www.sailpoint.com/security-advisories/sailpoint-identityiq-debug-ui-incorrect-authorization-vulnerability-cve-2026-4857",
    "id": "CVE-2026-4857",
    "bulletinFamily": "",
    "cwe": [
        "CWE-863"
    ],
    "cvelist": null,
    "sourceData": "SailPoint Technologies IdentityIQ 8.5\nSailPoint Technologies IdentityIQ 8.4",
    "sourceHref": "",
    "cvss": {
        "score": 8.4,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "IdentityIQ",
    "version": "8.5",
    "vendor": "SailPoint Technologies",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}