CVE-2024-23600 Information

Description

Improper Input Validation of query search results for private field data in PingIDM OPENIDM (Query Filter module) allows for a potentially efficient brute forcing approach leading to information disclosure.

Reference

https://backstage.forgerock.com/knowledge/kb/article/a95212747 https://backstage.forgerock.com/docs/idcloud/latest/release-notes/regular-channel-changelog.html#changed_functionality