CVE-2026-55670
Gravedad CVSS v4.0:
BAJA
Tipo:
CWE-284
Control de acceso incorrecto
Fecha de publicación:
10/07/2026
Última modificación:
10/07/2026
Descripción
*** Pendiente de traducción *** ZITADEL is an open source identity management platform. Prior to 4.15.1, ZITADEL's event store validation can retain the original resource owner for a deleted user identifier, causing a later user recreated with the same identifier in another organization to be provisioned under the original organization and exposed to that organization's administrator. This issue is fixed in version 4.15.2.
Impacto
Puntuación base 4.0
2.30
Gravedad 4.0
BAJA



