Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    32 vulnerabilities found for PingFederate by Ping Identity

    CVE-2025-26862 (GCVE-0-2025-26862)

    Vulnerability from nvd – Published: 2025-10-27 14:39 – Updated: 2025-10-27 14:48
    VLAI
    Title
    PingFederate unexpected browser flow initiation in redirectless mode
    Summary
    Unexpected authentication form rendering in HTML Form Adapter using only non-default redirectless mode in PingFederate allows authentication attempts which may enable brute force login attacks.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-307 - Improper Restriction of Excessive Authentication Attempts
    Assigner
    Impacted products
    Vendor Product Version
    Ping Identity PingFederate Affected: 11.3.0 , < 11.3.14 (custom)
    Affected: 12.0.0 , < 12.0.10 (custom)
    Affected: 12.1.0 , < 12.1.9 (custom)
    Affected: 12.2.0 , < 12.2.6 (custom)
    Affected: 12.3.0 , < 12.3.3 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-26862",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-10-27T14:48:01.060548Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-27T14:48:11.544Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "modules": [
                "HTML Form Adapter"
              ],
              "product": "PingFederate",
              "vendor": "Ping Identity",
              "versions": [
                {
                  "lessThan": "11.3.14",
                  "status": "affected",
                  "version": "11.3.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "12.0.10",
                  "status": "affected",
                  "version": "12.0.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "12.1.9",
                  "status": "affected",
                  "version": "12.1.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "12.2.6",
                  "status": "affected",
                  "version": "12.2.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "12.3.3",
                  "status": "affected",
                  "version": "12.3.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:ping_identity:pingfederate:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.3.14",
                      "versionStartIncluding": "11.3.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:ping_identity:pingfederate:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "12.0.10",
                      "versionStartIncluding": "12.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:ping_identity:pingfederate:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "12.1.9",
                      "versionStartIncluding": "12.1.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:ping_identity:pingfederate:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "12.2.6",
                      "versionStartIncluding": "12.2.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:ping_identity:pingfederate:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "12.3.3",
                      "versionStartIncluding": "12.3.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Unexpected authentication form rendering in HTML Form Adapter using only non-default redirectless mode in PingFederate allows authentication attempts which may enable brute force login attacks."
                }
              ],
              "value": "Unexpected authentication form rendering in HTML Form Adapter using only non-default redirectless mode in PingFederate allows authentication attempts which may enable brute force login attacks."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-112",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-112 Brute Force"
                }
              ]
            },
            {
              "capecId": "CAPEC-114",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-114 Authentication Abuse"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "YES",
                "Recovery": "NOT_DEFINED",
                "Safety": "PRESENT",
                "attackComplexity": "HIGH",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 0,
                "baseSeverity": "NONE",
                "privilegesRequired": "LOW",
                "providerUrgency": "AMBER",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "PASSIVE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/S:P/AU:Y/RE:L/U:Amber",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "LOW"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-307",
                  "description": "CWE-307 Improper Restriction of Excessive Authentication Attempts",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-10-27T14:39:41.284Z",
            "orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
            "shortName": "Ping Identity"
          },
          "references": [
            {
              "url": "https://support.pingidentity.com/s/article/PingFederate-unexpected-template-rendering-in-redirectless-mode"
            },
            {
              "url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "PingFederate unexpected browser flow initiation in redirectless mode",
          "x_generator": {
            "engine": "Vulnogram 0.4.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
        "assignerShortName": "Ping Identity",
        "cveId": "CVE-2025-26862",
        "datePublished": "2025-10-27T14:39:41.284Z",
        "dateReserved": "2025-04-16T01:21:55.185Z",
        "dateUpdated": "2025-10-27T14:48:11.544Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-25573 (GCVE-0-2024-25573)

    Vulnerability from nvd – Published: 2025-06-15 15:25 – Updated: 2025-06-16 18:05
    VLAI
    Title
    Stored Cross-Site Scripting in Administrative Console Context
    Summary
    Unsanitized user-supplied data saved in the PingFederate Administrative Console could trigger the execution of JavaScript code in subsequent user processing.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
    Assigner
    Impacted products
    Vendor Product Version
    Ping Identity PingFederate Affected: 12.1.0 , ≤ 12.1.4 (custom)
    Affected: 12.0.0 , ≤ 12.0.6 (custom)
    Affected: 11.3.0 , ≤ 11.3.9 (custom)
    Affected: 11.2.0 , ≤ 11.2.10 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-25573",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-06-16T18:05:33.459980Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-16T18:05:43.793Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Windows",
                "Linux"
              ],
              "product": "PingFederate",
              "vendor": "Ping Identity",
              "versions": [
                {
                  "lessThanOrEqual": "12.1.4",
                  "status": "affected",
                  "version": "12.1.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "12.0.6",
                  "status": "affected",
                  "version": "12.0.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "11.3.9",
                  "status": "affected",
                  "version": "11.3.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "11.2.10",
                  "status": "affected",
                  "version": "11.2.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: transparent;\"\u003eUnsanitized user-supplied data saved in the PingFederate Administrative Console could trigger the execution of JavaScript code in subsequent user processing.\u003c/span\u003e\u003cbr\u003e"
                }
              ],
              "value": "Unsanitized user-supplied data saved in the PingFederate Administrative Console could trigger the execution of JavaScript code in subsequent user processing."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-63",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-63 Cross-Site Scripting (XSS)"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NO",
                "Recovery": "USER",
                "Safety": "PRESENT",
                "attackComplexity": "HIGH",
                "attackRequirements": "PRESENT",
                "attackVector": "NETWORK",
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "HIGH",
                "providerUrgency": "RED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "LOW",
                "subIntegrityImpact": "HIGH",
                "userInteraction": "ACTIVE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:H/UI:A/VC:L/VI:H/VA:N/SC:L/SI:H/SA:N/S:P/AU:N/R:U/RE:M/U:Red",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "LOW",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "MODERATE"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-15T15:25:38.540Z",
            "orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
            "shortName": "Ping Identity"
          },
          "references": [
            {
              "tags": [
                "release-notes"
              ],
              "url": "https://docs.pingidentity.com/pingfederate/12.1/release_notes/pf_release_notes.html"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html"
            }
          ],
          "source": {
            "advisory": "SECADV048",
            "defect": [
              "PF-36304",
              "PF-36311",
              "PF-36313"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Stored Cross-Site Scripting in Administrative Console Context",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
        "assignerShortName": "Ping Identity",
        "cveId": "CVE-2024-25573",
        "datePublished": "2025-06-15T15:25:38.540Z",
        "dateReserved": "2024-02-29T23:52:30.507Z",
        "dateUpdated": "2025-06-16T18:05:43.793Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-22854 (GCVE-0-2025-22854)

    Vulnerability from nvd – Published: 2025-06-15 15:00 – Updated: 2025-06-16 18:07
    VLAI
    Title
    Possible thread exhaustion from processing http responses in PingFederate Google Adapter
    Summary
    Improper handling of non-200 http responses in the PingFederate Google Adapter leads to thread exhaustion under normal usage conditions.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-394 - Unexpected Status Code or Return Value
    Assigner
    Impacted products
    Vendor Product Version
    Ping Identity PingFederate Affected: 1.0.1 , < 1.5.2 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-22854",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-06-16T18:07:24.657856Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-16T18:07:39.037Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "packageName": "Google Adapter",
              "platforms": [
                "Windows",
                "Linux"
              ],
              "product": "PingFederate",
              "vendor": "Ping Identity",
              "versions": [
                {
                  "lessThan": "1.5.2",
                  "status": "affected",
                  "version": "1.0.1",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improper handling of non-200 http responses in\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;the PingFederate Google Adapter\u003c/span\u003e\u0026nbsp;leads to thread exhaustion under normal usage conditions."
                }
              ],
              "value": "Improper handling of non-200 http responses in\u00a0the PingFederate Google Adapter\u00a0leads to thread exhaustion under normal usage conditions."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-130",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-130 Excessive Allocation"
                }
              ]
            },
            {
              "capecId": "CAPEC-469",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-469 HTTP DoS"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "YES",
                "Recovery": "AUTOMATIC",
                "Safety": "PRESENT",
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "NETWORK",
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "LOW",
                "providerUrgency": "RED",
                "subAvailabilityImpact": "HIGH",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "PASSIVE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/S:P/AU:Y/R:A/RE:M/U:Red",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "MODERATE"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-394",
                  "description": "CWE-394 Unexpected Status Code or Return Value",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-15T15:00:06.010Z",
            "orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
            "shortName": "Ping Identity"
          },
          "references": [
            {
              "tags": [
                "patch"
              ],
              "url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html"
            },
            {
              "tags": [
                "release-notes"
              ],
              "url": "https://docs.pingidentity.com/integrations/google/google_login_integration_kit/pf_google_cic_changelog.html"
            }
          ],
          "source": {
            "advisory": "SECADV048",
            "defect": [
              "IK-3678"
            ],
            "discovery": "USER"
          },
          "title": "Possible thread exhaustion from processing http responses in PingFederate Google Adapter",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
        "assignerShortName": "Ping Identity",
        "cveId": "CVE-2025-22854",
        "datePublished": "2025-06-15T15:00:06.010Z",
        "dateReserved": "2025-01-13T16:41:43.959Z",
        "dateUpdated": "2025-06-16T18:07:39.037Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-21085 (GCVE-0-2025-21085)

    Vulnerability from nvd – Published: 2025-06-15 14:25 – Updated: 2025-06-16 18:08
    VLAI
    Title
    PingFederate OAuth Grant attribute duplication may use excessive memory
    Summary
    PingFederate OAuth2 grant duplication in PostgreSQL persistent storage allows OAuth2 requests to use excessive memory utilization.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-462 - Duplicate Key in Associative List
    Assigner
    Impacted products
    Vendor Product Version
    Ping Identity PingFederate Affected: 12.2.0 , < 12.2.4 (custom)
    Affected: 12.1.0 , < 12.1.9 (custom)
    Affected: 12.0 , < 12.0.9 (custom)
    Affected: 11.3.0 , < 11.3.13 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-21085",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-06-16T18:08:12.829414Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-16T18:08:20.514Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "modules": [
                "PostgreSQL"
              ],
              "platforms": [
                "Windows",
                "Linux"
              ],
              "product": "PingFederate",
              "vendor": "Ping Identity",
              "versions": [
                {
                  "lessThan": "12.2.4",
                  "status": "affected",
                  "version": "12.2.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "12.1.9",
                  "status": "affected",
                  "version": "12.1.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "12.0.9",
                  "status": "affected",
                  "version": "12.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "11.3.13",
                  "status": "affected",
                  "version": "11.3.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "PingFederate OAuth2 grant duplication in PostgreSQL persistent storage allows OAuth2 requests to use excessive memory utilization."
                }
              ],
              "value": "PingFederate OAuth2 grant duplication in PostgreSQL persistent storage allows OAuth2 requests to use excessive memory utilization."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-130",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-130 Excessive Allocation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "YES",
                "Recovery": "AUTOMATIC",
                "Safety": "PRESENT",
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "NETWORK",
                "baseScore": 2.1,
                "baseSeverity": "LOW",
                "privilegesRequired": "LOW",
                "providerUrgency": "AMBER",
                "subAvailabilityImpact": "LOW",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "PASSIVE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L/S:P/AU:Y/R:A/RE:L/U:Amber",
                "version": "4.0",
                "vulnAvailabilityImpact": "LOW",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "LOW"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-462",
                  "description": "CWE-462 Duplicate Key in Associative List",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-15T14:25:39.067Z",
            "orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
            "shortName": "Ping Identity"
          },
          "references": [
            {
              "tags": [
                "mitigation"
              ],
              "url": "https://support.pingidentity.com/s/article/PingFederate-grant-attribute-duplication-with-PostgreSQL"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "PingFederate OAuth Grant attribute duplication may use excessive memory",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Configuration options to mitigate:\u003cbr\u003e\u003cul\u003e\u003cli\u003eMinimum Interval to Roll Refresh Tokens\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eRefresh Token Rolling Grace Period (Seconds)\u003c/span\u003e\u003cbr\u003e\u003c/li\u003e\u003c/ul\u003e"
                }
              ],
              "value": "Configuration options to mitigate:\n  *  Minimum Interval to Roll Refresh Tokens\n  *  Refresh Token Rolling Grace Period (Seconds)"
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
        "assignerShortName": "Ping Identity",
        "cveId": "CVE-2025-21085",
        "datePublished": "2025-06-15T14:25:39.067Z",
        "dateReserved": "2025-04-16T01:21:55.198Z",
        "dateUpdated": "2025-06-16T18:08:20.514Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-22477 (GCVE-0-2024-22477)

    Vulnerability from nvd – Published: 2024-07-09 23:01 – Updated: 2024-08-01 22:51
    VLAI
    Title
    PingFederate OIDC Policy Management Editor Cross-Site Scripting
    Summary
    A cross-site scripting vulnerability exists in the admin console OIDC Policy Management Editor. The impact is contained to admin console users only.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
    Assigner
    Impacted products
    Vendor Product Version
    Ping Identity PingFederate Affected: 11.0.0 , ≤ 11.0.9 (custom)
    Affected: 11.1.0 , ≤ 11.1.9 (custom)
    Affected: 11.2.0 , ≤ 11.2.8 (custom)
    Affected: 11.3.0 , ≤ 11.3.4 (custom)
    Affected: 12.0.0 (custom)
    Affected: 10.3.0 , ≤ 10.3.13 (custom)
    Create a notification for this product.
    Date Public
    2024-07-09 22:27
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-22477",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-10T13:29:31.833138Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-10T13:30:14.614Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T22:51:09.905Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://docs.pingidentity.com/r/en-us/pingfederate-120/lwu1707324350083"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html",
              "defaultStatus": "unaffected",
              "product": "PingFederate",
              "vendor": "Ping Identity",
              "versions": [
                {
                  "lessThanOrEqual": "11.0.9",
                  "status": "affected",
                  "version": "11.0.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "11.1.9",
                  "status": "affected",
                  "version": "11.1.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "11.2.8",
                  "status": "affected",
                  "version": "11.2.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "11.3.4",
                  "status": "affected",
                  "version": "11.3.0",
                  "versionType": "custom"
                },
                {
                  "status": "affected",
                  "version": "12.0.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "10.3.13",
                  "status": "affected",
                  "version": "10.3.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "configurations": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "All instances of PingFederate on vulnerable versions are vulnerable to this issue.\u003cbr\u003e"
                }
              ],
              "value": "All instances of PingFederate on vulnerable versions are vulnerable to this issue."
            }
          ],
          "datePublic": "2024-07-09T22:27:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "A cross-site scripting vulnerability exists in the admin console OIDC Policy Management Editor. The impact is contained to admin console users only.\u003cbr\u003e"
                }
              ],
              "value": "A cross-site scripting vulnerability exists in the admin console OIDC Policy Management Editor. The impact is contained to admin console users only."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-592",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-592 Stored XSS"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "ADJACENT_NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 1.8,
                "baseSeverity": "LOW",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-07-09T23:01:28.611Z",
            "orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
            "shortName": "Ping Identity"
          },
          "references": [
            {
              "url": "https://docs.pingidentity.com/r/en-us/pingfederate-120/lwu1707324350083"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "PingFederate OIDC Policy Management Editor Cross-Site Scripting",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
        "assignerShortName": "Ping Identity",
        "cveId": "CVE-2024-22477",
        "datePublished": "2024-07-09T23:01:28.611Z",
        "dateReserved": "2024-01-17T17:27:24.603Z",
        "dateUpdated": "2024-08-01T22:51:09.905Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-22377 (GCVE-0-2024-22377)

    Vulnerability from nvd – Published: 2024-07-09 23:03 – Updated: 2024-08-01 22:43
    VLAI
    Title
    PingFederate Runtime Node Path Traversal
    Summary
    The deploy directory in PingFederate runtime nodes is reachable to unauthorized users.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
    Assigner
    Impacted products
    Vendor Product Version
    Ping Identity PingFederate Affected: 11.0.0 , ≤ 11.0.9 (custom)
    Affected: 11.1.0 , ≤ 11.1.9 (custom)
    Affected: 11.2.0 , ≤ 11.2.8 (custom)
    Affected: 11.3.0 , ≤ 11.3.4 (custom)
    Affected: 12.0.0 (custom)
    Affected: 10.3.0 , ≤ 10.3.13 (custom)
    Create a notification for this product.
    pingidentity pingfederate Affected: 10.3.0 , ≤ 10.3.13 (custom)
    Affected: 11.0.0 , ≤ 11.0.9 (custom)
    Affected: 11.1.0 , ≤ 11.1.9 (custom)
    Affected: 11.2.0 , ≤ 11.2.8 (custom)
    Affected: 11.3.0 , ≤ 11.3.4 (custom)
        cpe:2.3:a:pingidentity:pingfederate:10.3.0:*:*:*:*:*:*:*
        cpe:2.3:a:pingidentity:pingfederate:11.0.0:*:*:*:*:*:*:*
        cpe:2.3:a:pingidentity:pingfederate:11.1.0:*:*:*:*:*:*:*
        cpe:2.3:a:pingidentity:pingfederate:11.2.0:*:*:*:*:*:*:*
        cpe:2.3:a:pingidentity:pingfederate:11.3.0:*:*:*:*:*:*:*
    Create a notification for this product.
    pingidentity pingfederate Affected: 12.0.0
        cpe:2.3:a:pingidentity:pingfederate:12.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2024-07-09 22:27
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:pingidentity:pingfederate:10.3.0:*:*:*:*:*:*:*",
                  "cpe:2.3:a:pingidentity:pingfederate:11.0.0:*:*:*:*:*:*:*",
                  "cpe:2.3:a:pingidentity:pingfederate:11.1.0:*:*:*:*:*:*:*",
                  "cpe:2.3:a:pingidentity:pingfederate:11.2.0:*:*:*:*:*:*:*",
                  "cpe:2.3:a:pingidentity:pingfederate:11.3.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "pingfederate",
                "vendor": "pingidentity",
                "versions": [
                  {
                    "lessThanOrEqual": "10.3.13",
                    "status": "affected",
                    "version": "10.3.0",
                    "versionType": "custom"
                  },
                  {
                    "lessThanOrEqual": "11.0.9",
                    "status": "affected",
                    "version": "11.0.0",
                    "versionType": "custom"
                  },
                  {
                    "lessThanOrEqual": "11.1.9",
                    "status": "affected",
                    "version": "11.1.0",
                    "versionType": "custom"
                  },
                  {
                    "lessThanOrEqual": "11.2.8",
                    "status": "affected",
                    "version": "11.2.0",
                    "versionType": "custom"
                  },
                  {
                    "lessThanOrEqual": "11.3.4",
                    "status": "affected",
                    "version": "11.3.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:pingidentity:pingfederate:12.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "pingfederate",
                "vendor": "pingidentity",
                "versions": [
                  {
                    "status": "affected",
                    "version": "12.0.0"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-22377",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-15T13:15:10.302158Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-23T16:13:24.203Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T22:43:34.512Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://docs.pingidentity.com/r/en-us/pingfederate-120/lwu1707324350083"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html",
              "defaultStatus": "unaffected",
              "product": "PingFederate",
              "vendor": "Ping Identity",
              "versions": [
                {
                  "lessThanOrEqual": "11.0.9",
                  "status": "affected",
                  "version": "11.0.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "11.1.9",
                  "status": "affected",
                  "version": "11.1.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "11.2.8",
                  "status": "affected",
                  "version": "11.2.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "11.3.4",
                  "status": "affected",
                  "version": "11.3.0",
                  "versionType": "custom"
                },
                {
                  "status": "affected",
                  "version": "12.0.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "10.3.13",
                  "status": "affected",
                  "version": "10.3.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "configurations": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "All instances of PingFederate on vulnerable versions are vulnerable to this issue.\u003cbr\u003e"
                }
              ],
              "value": "All instances of PingFederate on vulnerable versions are vulnerable to this issue."
            }
          ],
          "datePublic": "2024-07-09T22:27:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "The deploy directory in PingFederate runtime nodes is reachable to unauthorized users.\u003cbr\u003e"
                }
              ],
              "value": "The deploy directory in PingFederate runtime nodes is reachable to unauthorized users."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-126",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-126 Path Traversal"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-22",
                  "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-07-09T23:03:27.722Z",
            "orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
            "shortName": "Ping Identity"
          },
          "references": [
            {
              "url": "https://docs.pingidentity.com/r/en-us/pingfederate-120/lwu1707324350083"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "PingFederate Runtime Node Path Traversal",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "The deploy directory can be restricted by making changes to runtime jetty configuration.\u0026nbsp;\u0026nbsp;\u003cbr\u003e"
                }
              ],
              "value": "The deploy directory can be restricted by making changes to runtime jetty configuration."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
        "assignerShortName": "Ping Identity",
        "cveId": "CVE-2024-22377",
        "datePublished": "2024-07-09T23:03:27.722Z",
        "dateReserved": "2024-01-17T17:27:24.578Z",
        "dateUpdated": "2024-08-01T22:43:34.512Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-21832 (GCVE-0-2024-21832)

    Vulnerability from nvd – Published: 2024-07-09 23:04 – Updated: 2024-08-01 22:27
    VLAI
    Title
    PingFederate REST API Data Store Injection
    Summary
    A potential JSON injection attack vector exists in PingFederate REST API data stores using the POST method and a JSON request body.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-94 - Improper Control of Generation of Code ('Code Injection')
    Assigner
    Impacted products
    Vendor Product Version
    Ping Identity PingFederate Affected: 11.0.0 , ≤ 11.0.9 (custom)
    Affected: 11.1.0 , ≤ 11.1.9 (custom)
    Affected: 11.2.0 , ≤ 11.2.8 (custom)
    Affected: 11.3.0 , ≤ 11.3.4 (custom)
    Affected: 12.0.0 (custom)
    Create a notification for this product.
    Date Public
    2024-07-09 22:27
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-21832",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-10T14:02:13.851282Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-10T14:03:06.101Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T22:27:36.324Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://docs.pingidentity.com/r/en-us/pingfederate-120/lwu1707324350083"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html",
              "defaultStatus": "unaffected",
              "product": "PingFederate",
              "vendor": "Ping Identity",
              "versions": [
                {
                  "lessThanOrEqual": "11.0.9",
                  "status": "affected",
                  "version": "11.0.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "11.1.9",
                  "status": "affected",
                  "version": "11.1.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "11.2.8",
                  "status": "affected",
                  "version": "11.2.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "11.3.4",
                  "status": "affected",
                  "version": "11.3.0",
                  "versionType": "custom"
                },
                {
                  "status": "affected",
                  "version": "12.0.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "configurations": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "PingFederate instances running on vulnerable versions with REST data stores using the POST method and a JSON request body may be vulnerable to this issue.\u003cbr\u003e\u003cbr\u003e"
                }
              ],
              "value": "PingFederate instances running on vulnerable versions with REST data stores using the POST method and a JSON request body may be vulnerable to this issue."
            }
          ],
          "datePublic": "2024-07-09T22:27:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "A potential JSON injection attack vector exists in PingFederate REST API data stores using the POST method and a JSON request body.\u003cbr\u003e"
                }
              ],
              "value": "A potential JSON injection attack vector exists in PingFederate REST API data stores using the POST method and a JSON request body."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-242",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-242 Code Injection"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 3.5,
                "baseSeverity": "LOW",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-94",
                  "description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-07-09T23:04:55.088Z",
            "orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
            "shortName": "Ping Identity"
          },
          "references": [
            {
              "url": "https://docs.pingidentity.com/r/en-us/pingfederate-120/lwu1707324350083"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "PingFederate REST API Data Store Injection",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "REST data stores using the POST method and a JSON request body should not be configured with variable references in the POST body.\u003cbr\u003e"
                }
              ],
              "value": "REST data stores using the POST method and a JSON request body should not be configured with variable references in the POST body."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
        "assignerShortName": "Ping Identity",
        "cveId": "CVE-2024-21832",
        "datePublished": "2024-07-09T23:04:55.088Z",
        "dateReserved": "2024-01-17T17:27:24.589Z",
        "dateUpdated": "2024-08-01T22:27:36.324Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-40148 (GCVE-0-2023-40148)

    Vulnerability from nvd – Published: 2024-04-10 00:03 – Updated: 2024-08-12 15:09
    VLAI
    Title
    PingFederate Server Side Request Forgery vulnerability
    Summary
    Server-side request forgery (SSRF) in PingFederate allows unauthenticated http requests to attack network resources and consume server-side resources via forged HTTP POST requests.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-918 - Server-Side Request Forgery (SSRF)
    Assigner
    Impacted products
    Vendor Product Version
    Ping Identity PingFederate Affected: 11.3.0 , ≤ 11.3.2 (custom)
    Affected: 11.2.0 , ≤ 11.2.7 (custom)
    Affected: 11.1.0 , ≤ 11.1.8 (custom)
    Affected: 11.0.0 , ≤ 11.0.8 (custom)
    Create a notification for this product.
    pingidentity pingfederate Affected: 11.0.0 , ≤ 11.0.8 (custom)
        cpe:2.3:a:pingidentity:pingfederate:11.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    pingidentity pingfederate Affected: 11.1.0 , ≤ 11.1.8 (custom)
        cpe:2.3:a:pingidentity:pingfederate:11.1.0:*:*:*:*:*:*:*
    Create a notification for this product.
    pingidentity pingfederate Affected: 11.2.0 , ≤ 11.2.7 (custom)
        cpe:2.3:a:pingidentity:pingfederate:11.2.0:*:*:*:*:*:*:*
    Create a notification for this product.
    pingidentity pingfederate Affected: 11.3.0 , ≤ 11.3.2 (custom)
        cpe:2.3:a:pingidentity:pingfederate:11.3.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T18:24:55.608Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://docs.pingidentity.com/r/en-us/pingfederate-120/tuj1708533127032"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.pingidentity.com/en/resources/downloads/pingfederate/previous-releases.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:pingidentity:pingfederate:11.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "pingfederate",
                "vendor": "pingidentity",
                "versions": [
                  {
                    "lessThanOrEqual": "11.0.8",
                    "status": "affected",
                    "version": "11.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:pingidentity:pingfederate:11.1.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "pingfederate",
                "vendor": "pingidentity",
                "versions": [
                  {
                    "lessThanOrEqual": "11.1.8",
                    "status": "affected",
                    "version": "11.1.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:pingidentity:pingfederate:11.2.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "pingfederate",
                "vendor": "pingidentity",
                "versions": [
                  {
                    "lessThanOrEqual": "11.2.7",
                    "status": "affected",
                    "version": "11.2.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:pingidentity:pingfederate:11.3.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "pingfederate",
                "vendor": "pingidentity",
                "versions": [
                  {
                    "lessThanOrEqual": "11.3.2",
                    "status": "affected",
                    "version": "11.3.0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-40148",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-12T15:05:58.396831Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-08-12T15:09:02.174Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "PingFederate",
              "vendor": "Ping Identity",
              "versions": [
                {
                  "lessThanOrEqual": "11.3.2",
                  "status": "affected",
                  "version": "11.3.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "11.2.7",
                  "status": "affected",
                  "version": "11.2.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "11.1.8",
                  "status": "affected",
                  "version": "11.1.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "11.0.8",
                  "status": "affected",
                  "version": "11.0.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Server-side request forgery (SSRF) in PingFederate allows unauthenticated http requests to attack network resources and consume server-side resources via forged HTTP POST requests.\u003cbr\u003e"
                }
              ],
              "value": "Server-side request forgery (SSRF) in PingFederate allows unauthenticated http requests to attack network resources and consume server-side resources via forged HTTP POST requests.\n"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-309",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-309 Network Topology Mapping"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-918",
                  "description": "CWE-918 Server-Side Request Forgery (SSRF)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-04-10T00:03:31.966Z",
            "orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
            "shortName": "Ping Identity"
          },
          "references": [
            {
              "url": "https://docs.pingidentity.com/r/en-us/pingfederate-120/tuj1708533127032"
            },
            {
              "url": "https://www.pingidentity.com/en/resources/downloads/pingfederate/previous-releases.html"
            }
          ],
          "source": {
            "advisory": "SECADV041",
            "defect": [
              "PF-34646"
            ],
            "discovery": "INTERNAL"
          },
          "title": "PingFederate Server Side Request Forgery vulnerability",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
        "assignerShortName": "Ping Identity",
        "cveId": "CVE-2023-40148",
        "datePublished": "2024-04-10T00:03:31.966Z",
        "dateReserved": "2023-08-25T16:59:38.680Z",
        "dateUpdated": "2024-08-12T15:09:02.174Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-40545 (GCVE-0-2023-40545)

    Vulnerability from nvd – Published: 2024-02-06 17:27 – Updated: 2024-08-22 16:53
    VLAI
    Title
    PingFederate OAuth client_secret_jwt Authentication Bypass
    Summary
    Authentication bypass when an OAuth2 Client is using client_secret_jwt as its authentication method on affected 11.3 versions via specially crafted requests.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-306 - Missing Authentication for Critical Function
    Assigner
    Impacted products
    Vendor Product Version
    Ping Identity PingFederate Affected: 11.3.0 , ≤ 11.3.2 (custom)
    Create a notification for this product.
    pingidentity pingfederate Affected: 11.3.0 , ≤ 11.3.2 (custom)
        cpe:2.3:a:pingidentity:pingfederate:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T18:38:50.649Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://support.pingidentity.com/s/article/SECADV040-PingFederate-OAuth-Client-Authentication-Bypass"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.pingidentity.com/en/resources/downloads/pingfederate/previous-releases.html"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://docs.pingidentity.com/r/en-us/pingfederate-113/hro1701116403236"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:pingidentity:pingfederate:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "pingfederate",
                "vendor": "pingidentity",
                "versions": [
                  {
                    "lessThanOrEqual": "11.3.2",
                    "status": "affected",
                    "version": "11.3.0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-40545",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-22T16:50:41.466461Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-08-22T16:53:12.079Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "PingFederate",
              "vendor": "Ping Identity",
              "versions": [
                {
                  "lessThanOrEqual": "11.3.2",
                  "status": "affected",
                  "version": "11.3.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAuthentication\u0026nbsp;bypass when an OAuth2 Client is using client_secret_jwt as its authentication method on affected 11.3 versions via specially crafted requests.\u003c/span\u003e\u003cbr\u003e"
                }
              ],
              "value": "Authentication\u00a0bypass when an OAuth2 Client is using client_secret_jwt as its authentication method on affected 11.3 versions via specially crafted requests.\n"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-115",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-115 Authentication Bypass"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-306",
                  "description": "CWE-306 Missing Authentication for Critical Function",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-02-06T17:28:00.505Z",
            "orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
            "shortName": "Ping Identity"
          },
          "references": [
            {
              "url": "https://support.pingidentity.com/s/article/SECADV040-PingFederate-OAuth-Client-Authentication-Bypass"
            },
            {
              "url": "https://www.pingidentity.com/en/resources/downloads/pingfederate/previous-releases.html"
            },
            {
              "url": "https://docs.pingidentity.com/r/en-us/pingfederate-113/hro1701116403236"
            }
          ],
          "source": {
            "advisory": "SECADV040",
            "defect": [
              "PF-34645"
            ],
            "discovery": "UNKNOWN"
          },
          "title": "PingFederate OAuth client_secret_jwt Authentication Bypass",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
        "assignerShortName": "Ping Identity",
        "cveId": "CVE-2023-40545",
        "datePublished": "2024-02-06T17:27:42.361Z",
        "dateReserved": "2023-08-25T16:59:38.674Z",
        "dateUpdated": "2024-08-22T16:53:12.079Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-39219 (GCVE-0-2023-39219)

    Vulnerability from nvd – Published: 2023-10-25 01:44 – Updated: 2025-06-12 14:58
    VLAI
    Title
    Admin Console Denial of Service via Java class enumeration
    Summary
    PingFederate Administrative Console dependency contains a weakness where console becomes unresponsive with crafted Java class loading enumeration requests
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-400 - Uncontrolled Resource Consumption
    Assigner
    Impacted products
    Vendor Product Version
    Ping Identity PingFederate Affected: 11.3 , ≤ 11.3.0 (custom)
    Affected: 11.2.0 , ≤ 11.2.6 (custom)
    Affected: 11.1.0 , ≤ 11.1.7 (custom)
    Affected: 10.3.0 , ≤ 10.3.12 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T18:02:06.169Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://docs.pingidentity.com/r/en-us/pingfederate-113/gyk1689105783244"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-39219",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-06-12T14:58:09.523502Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-12T14:58:40.168Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "PingFederate",
              "vendor": "Ping Identity",
              "versions": [
                {
                  "lessThanOrEqual": "11.3.0",
                  "status": "affected",
                  "version": "11.3",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "11.2.6",
                  "status": "affected",
                  "version": "11.2.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "11.1.7",
                  "status": "affected",
                  "version": "11.1.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "10.3.12",
                  "status": "affected",
                  "version": "10.3.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ePingFederate Administrative Console dependency contains a weakness where console becomes unresponsive with crafted Java class loading enumeration requests\u003c/span\u003e\u003cbr\u003e"
                }
              ],
              "value": "PingFederate Administrative Console dependency contains a weakness where console becomes unresponsive with crafted Java class loading enumeration requests\n"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-131",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-131 Resource Leak Exposure"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-400",
                  "description": "CWE-400: Uncontrolled Resource Consumption",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-10-25T01:44:44.362Z",
            "orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
            "shortName": "Ping Identity"
          },
          "references": [
            {
              "url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html"
            },
            {
              "url": "https://docs.pingidentity.com/r/en-us/pingfederate-113/gyk1689105783244"
            }
          ],
          "source": {
            "advisory": "SECADV037",
            "defect": [
              "PF-33449"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Admin Console Denial of Service via Java class enumeration",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
        "assignerShortName": "Ping Identity",
        "cveId": "CVE-2023-39219",
        "datePublished": "2023-10-25T01:44:44.362Z",
        "dateReserved": "2023-07-25T20:13:14.871Z",
        "dateUpdated": "2025-06-12T14:58:40.168Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-37283 (GCVE-0-2023-37283)

    Vulnerability from nvd – Published: 2023-10-25 01:24 – Updated: 2024-08-02 17:09
    VLAI
    Title
    Authentication Bypass via HTML Form & Identifier First Adapter
    Summary
    Under a very specific and highly unrecommended configuration, authentication bypass is possible in the PingFederate Identifier First Adapter
    CWE
    • CWE-287 - Improper Authentication
    Assigner
    Impacted products
    Vendor Product Version
    Ping Identity PingFederate Affected: 11.3 , ≤ 11.3.0 (custom)
    Affected: 11.2.0 , ≤ 11.2.6 (custom)
    Affected: 11.1.0 , ≤ 11.1.7 (custom)
    Affected: 10.3.0 , ≤ 10.3.12 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T17:09:34.014Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://docs.pingidentity.com/r/en-us/pingfederate-113/gyk1689105783244"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "PingFederate",
              "vendor": "Ping Identity",
              "versions": [
                {
                  "lessThanOrEqual": "11.3.0",
                  "status": "affected",
                  "version": "11.3",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "11.2.6",
                  "status": "affected",
                  "version": "11.2.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "11.1.7",
                  "status": "affected",
                  "version": "11.1.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "10.3.12",
                  "status": "affected",
                  "version": "10.3.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUnder a very specific and highly unrecommended configuration, authentication bypass is possible in the PingFederate Identifier First Adapter\u003c/span\u003e\u003cbr\u003e"
                }
              ],
              "value": "Under a very specific and highly unrecommended configuration, authentication bypass is possible in the PingFederate Identifier First Adapter\n"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-115",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-115 Authentication Bypass"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 8.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-287",
                  "description": "CWE-287 Improper Authentication",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-10-25T01:24:47.780Z",
            "orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
            "shortName": "Ping Identity"
          },
          "references": [
            {
              "url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html"
            },
            {
              "url": "https://docs.pingidentity.com/r/en-us/pingfederate-113/gyk1689105783244"
            }
          ],
          "source": {
            "advisory": "SECADV037",
            "defect": [
              "PF-34017"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Authentication Bypass via HTML Form \u0026 Identifier First Adapter",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
        "assignerShortName": "Ping Identity",
        "cveId": "CVE-2023-37283",
        "datePublished": "2023-10-25T01:24:47.780Z",
        "dateReserved": "2023-07-25T20:13:14.866Z",
        "dateUpdated": "2024-08-02T17:09:34.014Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-34085 (GCVE-0-2023-34085)

    Vulnerability from nvd – Published: 2023-10-25 02:03 – Updated: 2024-09-10 15:05
    VLAI
    Title
    User Attribute Disclosure via DynamoDB Data Stores
    Summary
    When an AWS DynamoDB table is used for user attribute storage, it is possible to retrieve the attributes of another user using a maliciously crafted request
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-359 - Exposure of Private Personal Information to an Unauthorized Actor
    Assigner
    Impacted products
    Vendor Product Version
    Ping Identity PingFederate Affected: 11.3 , ≤ 11.3.0 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T16:01:53.879Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://docs.pingidentity.com/r/en-us/pingfederate-113/gyk1689105783244"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-34085",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-10T15:00:49.766852Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-10T15:05:08.099Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "PingFederate",
              "vendor": "Ping Identity",
              "versions": [
                {
                  "lessThanOrEqual": "11.3.0",
                  "status": "affected",
                  "version": "11.3",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "configurations": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "AWS DynamoDB as user attribute store"
                }
              ],
              "value": "AWS DynamoDB as user attribute store"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: transparent;\"\u003eWhen an AWS DynamoDB table is used for user attribute storage, it is possible to retrieve the attributes of another user using a maliciously crafted request\u003c/span\u003e\u003cbr\u003e"
                }
              ],
              "value": "When an AWS DynamoDB table is used for user attribute storage, it is possible to retrieve the attributes of another user using a maliciously crafted request\n"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-153",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-153 Input Data Manipulation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 2.6,
                "baseSeverity": "LOW",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-359",
                  "description": "CWE-359: Exposure of Private Personal Information to an Unauthorized Actor",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-10-25T02:03:56.433Z",
            "orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
            "shortName": "Ping Identity"
          },
          "references": [
            {
              "url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html"
            },
            {
              "url": "https://docs.pingidentity.com/r/en-us/pingfederate-113/gyk1689105783244"
            }
          ],
          "source": {
            "advisory": "SECADV037",
            "defect": [
              "PF-33935"
            ],
            "discovery": "INTERNAL"
          },
          "title": "User Attribute Disclosure via DynamoDB Data Stores",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
        "assignerShortName": "Ping Identity",
        "cveId": "CVE-2023-34085",
        "datePublished": "2023-10-25T02:03:56.433Z",
        "dateReserved": "2023-07-25T20:13:14.876Z",
        "dateUpdated": "2024-09-10T15:05:08.099Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-40724 (GCVE-0-2022-40724)

    Vulnerability from nvd – Published: 2023-04-25 00:00 – Updated: 2025-02-04 14:48
    VLAI
    Title
    Cross-Site Request Forgery on PingFederate Local Identity Profiles Endpoint.
    Summary
    The PingFederate Local Identity Profiles '/pf/idprofile.ping' endpoint is vulnerable to Cross-Site Request Forgery (CSRF) through crafted GET requests.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-352 - Cross-Site Request Forgery
    Assigner
    Impacted products
    Vendor Product Version
    Ping Identity PingFederate Affected: 10.3.0 , < 10.3.0* (custom)
    Affected: 10.3.11 , ≤ 10.3.11 (custom)
    Affected: 11.0.0 , < 11.0.0* (custom)
    Affected: 11.0.6 , ≤ 11.0.6 (custom)
    Affected: 11.1.0 , < 11.1.0* (custom)
    Affected: 11.1.5 , ≤ 11.1.5 (custom)
    Affected: 11.2.0 , < 11.2.0* (custom)
    Affected: 11.2.2 , ≤ 11.2.2 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T12:21:46.720Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://docs.pingidentity.com/r/en-us/pingfederate-110/fll1675188537050"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-40724",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-04T14:48:27.864493Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-04T14:48:33.050Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "PingFederate",
              "vendor": "Ping Identity",
              "versions": [
                {
                  "lessThan": "10.3.0*",
                  "status": "affected",
                  "version": "10.3.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "10.3.11",
                  "status": "affected",
                  "version": "10.3.11",
                  "versionType": "custom"
                },
                {
                  "lessThan": "11.0.0*",
                  "status": "affected",
                  "version": "11.0.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "11.0.6",
                  "status": "affected",
                  "version": "11.0.6",
                  "versionType": "custom"
                },
                {
                  "lessThan": "11.1.0*",
                  "status": "affected",
                  "version": "11.1.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "11.1.5",
                  "status": "affected",
                  "version": "11.1.5",
                  "versionType": "custom"
                },
                {
                  "lessThan": "11.2.0*",
                  "status": "affected",
                  "version": "11.2.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "11.2.2",
                  "status": "affected",
                  "version": "11.2.2",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The PingFederate Local Identity Profiles \u0027/pf/idprofile.ping\u0027 endpoint is vulnerable to Cross-Site Request Forgery (CSRF) through crafted GET requests."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 6.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitCodeMaturity": "HIGH",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "remediationLevel": "UNAVAILABLE",
                "reportConfidence": "CONFIRMED",
                "scope": "UNCHANGED",
                "temporalScore": 6.4,
                "temporalSeverity": "MEDIUM",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:H/E:H/RL:U/RC:C",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-352",
                  "description": "CWE-352 Cross-Site Request Forgery",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-04-25T00:00:00.000Z",
            "orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
            "shortName": "Ping Identity"
          },
          "references": [
            {
              "url": "https://docs.pingidentity.com/r/en-us/pingfederate-110/fll1675188537050"
            }
          ],
          "source": {
            "advisory": "SECADV033",
            "defect": [
              "PF-32805"
            ],
            "discovery": "INTERNAL"
          },
          "title": "Cross-Site Request Forgery on PingFederate Local Identity Profiles Endpoint."
        }
      },
      "cveMetadata": {
        "assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
        "assignerShortName": "Ping Identity",
        "cveId": "CVE-2022-40724",
        "datePublished": "2023-04-25T00:00:00.000Z",
        "dateReserved": "2022-09-14T00:00:00.000Z",
        "dateUpdated": "2025-02-04T14:48:33.050Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-23722 (GCVE-0-2022-23722)

    Vulnerability from nvd – Published: 2022-05-02 22:05 – Updated: 2024-08-03 03:51
    VLAI
    Title
    PingFederate Password Reset via Authentication API Mishandling
    Summary
    When a password reset mechanism is configured to use the Authentication API with an Authentication Policy, email One-Time Password, PingID or SMS authentication, an existing user can reset another existing user’s password.
    Severity
    No CVSS data available.
    CWE
    • CWE-288 - Authentication Bypass Using an Alternate Path or Channel
    Assigner
    References
    Impacted products
    Vendor Product Version
    Ping Identity PingFederate Affected: 11.0 , ≤ 11.0 (custom)
    Affected: 10.3 , ≤ 10.3.4 (custom)
    Affected: 10.2 , ≤ 10.2.7 (custom)
    Affected: 10.1 , ≤ 10.1.9 (custom)
    Affected: 10.0 , ≤ 10.0.12 (custom)
    Affected: 9.3 , ≤ 9.3.3P16 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T03:51:46.174Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://docs.pingidentity.com/bundle/pingfederate-110/page/spk1642790928508.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "PingFederate",
              "vendor": "Ping Identity",
              "versions": [
                {
                  "lessThanOrEqual": "11.0",
                  "status": "affected",
                  "version": "11.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "10.3.4",
                  "status": "affected",
                  "version": "10.3",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "10.2.7",
                  "status": "affected",
                  "version": "10.2",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "10.1.9",
                  "status": "affected",
                  "version": "10.1",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "10.0.12",
                  "status": "affected",
                  "version": "10.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.3.3P16",
                  "status": "affected",
                  "version": "9.3",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "When a password reset mechanism is configured to use the Authentication API with an Authentication Policy, email One-Time Password, PingID or SMS authentication, an existing user can reset another existing user\u2019s password."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-288",
                  "description": "CWE-288 Authentication Bypass Using an Alternate Path or Channel",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-05-02T22:05:13.000Z",
            "orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
            "shortName": "Ping Identity"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://docs.pingidentity.com/bundle/pingfederate-110/page/spk1642790928508.html"
            }
          ],
          "source": {
            "advisory": "SECBL021",
            "defect": [
              "PF-30450"
            ],
            "discovery": "INTERNAL"
          },
          "title": "PingFederate Password Reset via Authentication API Mishandling",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "responsible-disclosure@pingidentity.com",
              "ID": "CVE-2022-23722",
              "STATE": "PUBLIC",
              "TITLE": "PingFederate Password Reset via Authentication API Mishandling"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "PingFederate",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c=",
                                "version_name": "11.0",
                                "version_value": "11.0"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_name": "10.3",
                                "version_value": "10.3.4"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_name": "10.2",
                                "version_value": "10.2.7"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_name": "10.1",
                                "version_value": "10.1.9"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_name": "10.0",
                                "version_value": "10.0.12"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_name": "9.3",
                                "version_value": "9.3.3P16"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Ping Identity"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "When a password reset mechanism is configured to use the Authentication API with an Authentication Policy, email One-Time Password, PingID or SMS authentication, an existing user can reset another existing user\u2019s password."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-288 Authentication Bypass Using an Alternate Path or Channel"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html",
                  "refsource": "MISC",
                  "url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html"
                },
                {
                  "name": "https://docs.pingidentity.com/bundle/pingfederate-110/page/spk1642790928508.html",
                  "refsource": "MISC",
                  "url": "https://docs.pingidentity.com/bundle/pingfederate-110/page/spk1642790928508.html"
                }
              ]
            },
            "source": {
              "advisory": "SECBL021",
              "defect": [
                "PF-30450"
              ],
              "discovery": "INTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
        "assignerShortName": "Ping Identity",
        "cveId": "CVE-2022-23722",
        "datePublished": "2022-05-02T22:05:13.000Z",
        "dateReserved": "2022-01-19T00:00:00.000Z",
        "dateUpdated": "2024-08-03T03:51:46.174Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-42000 (GCVE-0-2021-42000)

    Vulnerability from nvd – Published: 2022-02-10 22:30 – Updated: 2024-08-04 03:22
    VLAI
    Title
    Ping Identity PingFederate Password Reset and Password Change Mishandling with an authentication policy in parallel reset flows
    Summary
    When a password reset or password change flow with an authentication policy is configured and the adapter in the reset or change policy supports multiple parallel reset flows, an existing user can reset another existing users password.
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    Ping Identity PingFederate Affected: 9.3.3-P15 , < 9.3.0* (custom)
    Affected: 10.0.11 , < 10.0.0* (custom)
    Affected: 10.1.8 , < 10.1.0* (custom)
    Affected: 10.2.6 , < 10.2.0* (custom)
    Affected: 10.3.2 , < 10.3.0* (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T03:22:25.779Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://docs.pingidentity.com/bundle/pingfederate-103/page/hhm1634833631515.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "PingFederate",
              "vendor": "Ping Identity",
              "versions": [
                {
                  "lessThan": "9.3.0*",
                  "status": "affected",
                  "version": "9.3.3-P15",
                  "versionType": "custom"
                },
                {
                  "lessThan": "10.0.0*",
                  "status": "affected",
                  "version": "10.0.11",
                  "versionType": "custom"
                },
                {
                  "lessThan": "10.1.0*",
                  "status": "affected",
                  "version": "10.1.8",
                  "versionType": "custom"
                },
                {
                  "lessThan": "10.2.0*",
                  "status": "affected",
                  "version": "10.2.6",
                  "versionType": "custom"
                },
                {
                  "lessThan": "10.3.0*",
                  "status": "affected",
                  "version": "10.3.2",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "When a password reset or password change flow with an authentication policy is configured and the adapter in the reset or change policy supports multiple parallel reset flows, an existing user can reset another existing users password."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-285",
                  "description": "CWE-285 Improper Authorization",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-02-10T22:30:11.000Z",
            "orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
            "shortName": "Ping Identity"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://docs.pingidentity.com/bundle/pingfederate-103/page/hhm1634833631515.html"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "PingFederate product patched versions 9.3.3-P16, 10.0.12, 10.1.9, 10.2.7, 10.3.3"
            }
          ],
          "source": {
            "advisory": "SECBL020",
            "defect": [
              "PF-29924"
            ],
            "discovery": "INTERNAL"
          },
          "title": "Ping Identity PingFederate Password Reset and Password Change Mishandling with an authentication policy in parallel reset flows",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "responsible-disclosure@pingidentity.com",
              "ID": "CVE-2021-42000",
              "STATE": "PUBLIC",
              "TITLE": "Ping Identity PingFederate Password Reset and Password Change Mishandling with an authentication policy in parallel reset flows"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "PingFederate",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003e=",
                                "version_name": "9.3.0",
                                "version_value": "9.3.3-P15"
                              },
                              {
                                "version_affected": "\u003e=",
                                "version_name": "10.0.0",
                                "version_value": "10.0.11"
                              },
                              {
                                "version_affected": "\u003e=",
                                "version_name": "10.1.0",
                                "version_value": "10.1.8"
                              },
                              {
                                "version_affected": "\u003e=",
                                "version_name": "10.2.0",
                                "version_value": "10.2.6"
                              },
                              {
                                "version_affected": "\u003e=",
                                "version_name": "10.3.0",
                                "version_value": "10.3.2"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Ping Identity"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "When a password reset or password change flow with an authentication policy is configured and the adapter in the reset or change policy supports multiple parallel reset flows, an existing user can reset another existing users password."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-285 Improper Authorization"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html",
                  "refsource": "MISC",
                  "url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html"
                },
                {
                  "name": "https://docs.pingidentity.com/bundle/pingfederate-103/page/hhm1634833631515.html",
                  "refsource": "MISC",
                  "url": "https://docs.pingidentity.com/bundle/pingfederate-103/page/hhm1634833631515.html"
                }
              ]
            },
            "solution": [
              {
                "lang": "en",
                "value": "PingFederate product patched versions 9.3.3-P16, 10.0.12, 10.1.9, 10.2.7, 10.3.3"
              }
            ],
            "source": {
              "advisory": "SECBL020",
              "defect": [
                "PF-29924"
              ],
              "discovery": "INTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
        "assignerShortName": "Ping Identity",
        "cveId": "CVE-2021-42000",
        "datePublished": "2022-02-10T22:30:11.000Z",
        "dateReserved": "2021-10-04T00:00:00.000Z",
        "dateUpdated": "2024-08-04T03:22:25.779Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-26862 (GCVE-0-2025-26862)

    Vulnerability from cvelistv5 – Published: 2025-10-27 14:39 – Updated: 2025-10-27 14:48
    VLAI
    Title
    PingFederate unexpected browser flow initiation in redirectless mode
    Summary
    Unexpected authentication form rendering in HTML Form Adapter using only non-default redirectless mode in PingFederate allows authentication attempts which may enable brute force login attacks.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-307 - Improper Restriction of Excessive Authentication Attempts
    Assigner
    Impacted products
    Vendor Product Version
    Ping Identity PingFederate Affected: 11.3.0 , < 11.3.14 (custom)
    Affected: 12.0.0 , < 12.0.10 (custom)
    Affected: 12.1.0 , < 12.1.9 (custom)
    Affected: 12.2.0 , < 12.2.6 (custom)
    Affected: 12.3.0 , < 12.3.3 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-26862",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-10-27T14:48:01.060548Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-27T14:48:11.544Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "modules": [
                "HTML Form Adapter"
              ],
              "product": "PingFederate",
              "vendor": "Ping Identity",
              "versions": [
                {
                  "lessThan": "11.3.14",
                  "status": "affected",
                  "version": "11.3.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "12.0.10",
                  "status": "affected",
                  "version": "12.0.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "12.1.9",
                  "status": "affected",
                  "version": "12.1.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "12.2.6",
                  "status": "affected",
                  "version": "12.2.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "12.3.3",
                  "status": "affected",
                  "version": "12.3.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:ping_identity:pingfederate:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "11.3.14",
                      "versionStartIncluding": "11.3.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:ping_identity:pingfederate:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "12.0.10",
                      "versionStartIncluding": "12.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:ping_identity:pingfederate:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "12.1.9",
                      "versionStartIncluding": "12.1.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:ping_identity:pingfederate:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "12.2.6",
                      "versionStartIncluding": "12.2.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:ping_identity:pingfederate:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "12.3.3",
                      "versionStartIncluding": "12.3.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Unexpected authentication form rendering in HTML Form Adapter using only non-default redirectless mode in PingFederate allows authentication attempts which may enable brute force login attacks."
                }
              ],
              "value": "Unexpected authentication form rendering in HTML Form Adapter using only non-default redirectless mode in PingFederate allows authentication attempts which may enable brute force login attacks."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-112",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-112 Brute Force"
                }
              ]
            },
            {
              "capecId": "CAPEC-114",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-114 Authentication Abuse"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "YES",
                "Recovery": "NOT_DEFINED",
                "Safety": "PRESENT",
                "attackComplexity": "HIGH",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 0,
                "baseSeverity": "NONE",
                "privilegesRequired": "LOW",
                "providerUrgency": "AMBER",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "PASSIVE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/S:P/AU:Y/RE:L/U:Amber",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "LOW"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-307",
                  "description": "CWE-307 Improper Restriction of Excessive Authentication Attempts",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-10-27T14:39:41.284Z",
            "orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
            "shortName": "Ping Identity"
          },
          "references": [
            {
              "url": "https://support.pingidentity.com/s/article/PingFederate-unexpected-template-rendering-in-redirectless-mode"
            },
            {
              "url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "PingFederate unexpected browser flow initiation in redirectless mode",
          "x_generator": {
            "engine": "Vulnogram 0.4.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
        "assignerShortName": "Ping Identity",
        "cveId": "CVE-2025-26862",
        "datePublished": "2025-10-27T14:39:41.284Z",
        "dateReserved": "2025-04-16T01:21:55.185Z",
        "dateUpdated": "2025-10-27T14:48:11.544Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-25573 (GCVE-0-2024-25573)

    Vulnerability from cvelistv5 – Published: 2025-06-15 15:25 – Updated: 2025-06-16 18:05
    VLAI
    Title
    Stored Cross-Site Scripting in Administrative Console Context
    Summary
    Unsanitized user-supplied data saved in the PingFederate Administrative Console could trigger the execution of JavaScript code in subsequent user processing.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
    Assigner
    Impacted products
    Vendor Product Version
    Ping Identity PingFederate Affected: 12.1.0 , ≤ 12.1.4 (custom)
    Affected: 12.0.0 , ≤ 12.0.6 (custom)
    Affected: 11.3.0 , ≤ 11.3.9 (custom)
    Affected: 11.2.0 , ≤ 11.2.10 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-25573",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-06-16T18:05:33.459980Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-16T18:05:43.793Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Windows",
                "Linux"
              ],
              "product": "PingFederate",
              "vendor": "Ping Identity",
              "versions": [
                {
                  "lessThanOrEqual": "12.1.4",
                  "status": "affected",
                  "version": "12.1.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "12.0.6",
                  "status": "affected",
                  "version": "12.0.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "11.3.9",
                  "status": "affected",
                  "version": "11.3.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "11.2.10",
                  "status": "affected",
                  "version": "11.2.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: transparent;\"\u003eUnsanitized user-supplied data saved in the PingFederate Administrative Console could trigger the execution of JavaScript code in subsequent user processing.\u003c/span\u003e\u003cbr\u003e"
                }
              ],
              "value": "Unsanitized user-supplied data saved in the PingFederate Administrative Console could trigger the execution of JavaScript code in subsequent user processing."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-63",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-63 Cross-Site Scripting (XSS)"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NO",
                "Recovery": "USER",
                "Safety": "PRESENT",
                "attackComplexity": "HIGH",
                "attackRequirements": "PRESENT",
                "attackVector": "NETWORK",
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "HIGH",
                "providerUrgency": "RED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "LOW",
                "subIntegrityImpact": "HIGH",
                "userInteraction": "ACTIVE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:H/UI:A/VC:L/VI:H/VA:N/SC:L/SI:H/SA:N/S:P/AU:N/R:U/RE:M/U:Red",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "LOW",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "MODERATE"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-15T15:25:38.540Z",
            "orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
            "shortName": "Ping Identity"
          },
          "references": [
            {
              "tags": [
                "release-notes"
              ],
              "url": "https://docs.pingidentity.com/pingfederate/12.1/release_notes/pf_release_notes.html"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html"
            }
          ],
          "source": {
            "advisory": "SECADV048",
            "defect": [
              "PF-36304",
              "PF-36311",
              "PF-36313"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Stored Cross-Site Scripting in Administrative Console Context",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
        "assignerShortName": "Ping Identity",
        "cveId": "CVE-2024-25573",
        "datePublished": "2025-06-15T15:25:38.540Z",
        "dateReserved": "2024-02-29T23:52:30.507Z",
        "dateUpdated": "2025-06-16T18:05:43.793Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-22854 (GCVE-0-2025-22854)

    Vulnerability from cvelistv5 – Published: 2025-06-15 15:00 – Updated: 2025-06-16 18:07
    VLAI
    Title
    Possible thread exhaustion from processing http responses in PingFederate Google Adapter
    Summary
    Improper handling of non-200 http responses in the PingFederate Google Adapter leads to thread exhaustion under normal usage conditions.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-394 - Unexpected Status Code or Return Value
    Assigner
    Impacted products
    Vendor Product Version
    Ping Identity PingFederate Affected: 1.0.1 , < 1.5.2 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-22854",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-06-16T18:07:24.657856Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-16T18:07:39.037Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "packageName": "Google Adapter",
              "platforms": [
                "Windows",
                "Linux"
              ],
              "product": "PingFederate",
              "vendor": "Ping Identity",
              "versions": [
                {
                  "lessThan": "1.5.2",
                  "status": "affected",
                  "version": "1.0.1",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improper handling of non-200 http responses in\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;the PingFederate Google Adapter\u003c/span\u003e\u0026nbsp;leads to thread exhaustion under normal usage conditions."
                }
              ],
              "value": "Improper handling of non-200 http responses in\u00a0the PingFederate Google Adapter\u00a0leads to thread exhaustion under normal usage conditions."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-130",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-130 Excessive Allocation"
                }
              ]
            },
            {
              "capecId": "CAPEC-469",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-469 HTTP DoS"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "YES",
                "Recovery": "AUTOMATIC",
                "Safety": "PRESENT",
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "NETWORK",
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "LOW",
                "providerUrgency": "RED",
                "subAvailabilityImpact": "HIGH",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "PASSIVE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/S:P/AU:Y/R:A/RE:M/U:Red",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "MODERATE"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-394",
                  "description": "CWE-394 Unexpected Status Code or Return Value",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-15T15:00:06.010Z",
            "orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
            "shortName": "Ping Identity"
          },
          "references": [
            {
              "tags": [
                "patch"
              ],
              "url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html"
            },
            {
              "tags": [
                "release-notes"
              ],
              "url": "https://docs.pingidentity.com/integrations/google/google_login_integration_kit/pf_google_cic_changelog.html"
            }
          ],
          "source": {
            "advisory": "SECADV048",
            "defect": [
              "IK-3678"
            ],
            "discovery": "USER"
          },
          "title": "Possible thread exhaustion from processing http responses in PingFederate Google Adapter",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
        "assignerShortName": "Ping Identity",
        "cveId": "CVE-2025-22854",
        "datePublished": "2025-06-15T15:00:06.010Z",
        "dateReserved": "2025-01-13T16:41:43.959Z",
        "dateUpdated": "2025-06-16T18:07:39.037Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-21085 (GCVE-0-2025-21085)

    Vulnerability from cvelistv5 – Published: 2025-06-15 14:25 – Updated: 2025-06-16 18:08
    VLAI
    Title
    PingFederate OAuth Grant attribute duplication may use excessive memory
    Summary
    PingFederate OAuth2 grant duplication in PostgreSQL persistent storage allows OAuth2 requests to use excessive memory utilization.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-462 - Duplicate Key in Associative List
    Assigner
    Impacted products
    Vendor Product Version
    Ping Identity PingFederate Affected: 12.2.0 , < 12.2.4 (custom)
    Affected: 12.1.0 , < 12.1.9 (custom)
    Affected: 12.0 , < 12.0.9 (custom)
    Affected: 11.3.0 , < 11.3.13 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-21085",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-06-16T18:08:12.829414Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-16T18:08:20.514Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "modules": [
                "PostgreSQL"
              ],
              "platforms": [
                "Windows",
                "Linux"
              ],
              "product": "PingFederate",
              "vendor": "Ping Identity",
              "versions": [
                {
                  "lessThan": "12.2.4",
                  "status": "affected",
                  "version": "12.2.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "12.1.9",
                  "status": "affected",
                  "version": "12.1.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "12.0.9",
                  "status": "affected",
                  "version": "12.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "11.3.13",
                  "status": "affected",
                  "version": "11.3.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "PingFederate OAuth2 grant duplication in PostgreSQL persistent storage allows OAuth2 requests to use excessive memory utilization."
                }
              ],
              "value": "PingFederate OAuth2 grant duplication in PostgreSQL persistent storage allows OAuth2 requests to use excessive memory utilization."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-130",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-130 Excessive Allocation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "YES",
                "Recovery": "AUTOMATIC",
                "Safety": "PRESENT",
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "NETWORK",
                "baseScore": 2.1,
                "baseSeverity": "LOW",
                "privilegesRequired": "LOW",
                "providerUrgency": "AMBER",
                "subAvailabilityImpact": "LOW",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "PASSIVE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L/S:P/AU:Y/R:A/RE:L/U:Amber",
                "version": "4.0",
                "vulnAvailabilityImpact": "LOW",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "LOW"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-462",
                  "description": "CWE-462 Duplicate Key in Associative List",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-15T14:25:39.067Z",
            "orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
            "shortName": "Ping Identity"
          },
          "references": [
            {
              "tags": [
                "mitigation"
              ],
              "url": "https://support.pingidentity.com/s/article/PingFederate-grant-attribute-duplication-with-PostgreSQL"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "PingFederate OAuth Grant attribute duplication may use excessive memory",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Configuration options to mitigate:\u003cbr\u003e\u003cul\u003e\u003cli\u003eMinimum Interval to Roll Refresh Tokens\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eRefresh Token Rolling Grace Period (Seconds)\u003c/span\u003e\u003cbr\u003e\u003c/li\u003e\u003c/ul\u003e"
                }
              ],
              "value": "Configuration options to mitigate:\n  *  Minimum Interval to Roll Refresh Tokens\n  *  Refresh Token Rolling Grace Period (Seconds)"
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
        "assignerShortName": "Ping Identity",
        "cveId": "CVE-2025-21085",
        "datePublished": "2025-06-15T14:25:39.067Z",
        "dateReserved": "2025-04-16T01:21:55.198Z",
        "dateUpdated": "2025-06-16T18:08:20.514Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-21832 (GCVE-0-2024-21832)

    Vulnerability from cvelistv5 – Published: 2024-07-09 23:04 – Updated: 2024-08-01 22:27
    VLAI
    Title
    PingFederate REST API Data Store Injection
    Summary
    A potential JSON injection attack vector exists in PingFederate REST API data stores using the POST method and a JSON request body.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-94 - Improper Control of Generation of Code ('Code Injection')
    Assigner
    Impacted products
    Vendor Product Version
    Ping Identity PingFederate Affected: 11.0.0 , ≤ 11.0.9 (custom)
    Affected: 11.1.0 , ≤ 11.1.9 (custom)
    Affected: 11.2.0 , ≤ 11.2.8 (custom)
    Affected: 11.3.0 , ≤ 11.3.4 (custom)
    Affected: 12.0.0 (custom)
    Create a notification for this product.
    Date Public
    2024-07-09 22:27
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-21832",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-10T14:02:13.851282Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-10T14:03:06.101Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T22:27:36.324Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://docs.pingidentity.com/r/en-us/pingfederate-120/lwu1707324350083"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html",
              "defaultStatus": "unaffected",
              "product": "PingFederate",
              "vendor": "Ping Identity",
              "versions": [
                {
                  "lessThanOrEqual": "11.0.9",
                  "status": "affected",
                  "version": "11.0.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "11.1.9",
                  "status": "affected",
                  "version": "11.1.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "11.2.8",
                  "status": "affected",
                  "version": "11.2.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "11.3.4",
                  "status": "affected",
                  "version": "11.3.0",
                  "versionType": "custom"
                },
                {
                  "status": "affected",
                  "version": "12.0.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "configurations": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "PingFederate instances running on vulnerable versions with REST data stores using the POST method and a JSON request body may be vulnerable to this issue.\u003cbr\u003e\u003cbr\u003e"
                }
              ],
              "value": "PingFederate instances running on vulnerable versions with REST data stores using the POST method and a JSON request body may be vulnerable to this issue."
            }
          ],
          "datePublic": "2024-07-09T22:27:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "A potential JSON injection attack vector exists in PingFederate REST API data stores using the POST method and a JSON request body.\u003cbr\u003e"
                }
              ],
              "value": "A potential JSON injection attack vector exists in PingFederate REST API data stores using the POST method and a JSON request body."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-242",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-242 Code Injection"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 3.5,
                "baseSeverity": "LOW",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-94",
                  "description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-07-09T23:04:55.088Z",
            "orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
            "shortName": "Ping Identity"
          },
          "references": [
            {
              "url": "https://docs.pingidentity.com/r/en-us/pingfederate-120/lwu1707324350083"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "PingFederate REST API Data Store Injection",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "REST data stores using the POST method and a JSON request body should not be configured with variable references in the POST body.\u003cbr\u003e"
                }
              ],
              "value": "REST data stores using the POST method and a JSON request body should not be configured with variable references in the POST body."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
        "assignerShortName": "Ping Identity",
        "cveId": "CVE-2024-21832",
        "datePublished": "2024-07-09T23:04:55.088Z",
        "dateReserved": "2024-01-17T17:27:24.589Z",
        "dateUpdated": "2024-08-01T22:27:36.324Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-22377 (GCVE-0-2024-22377)

    Vulnerability from cvelistv5 – Published: 2024-07-09 23:03 – Updated: 2024-08-01 22:43
    VLAI
    Title
    PingFederate Runtime Node Path Traversal
    Summary
    The deploy directory in PingFederate runtime nodes is reachable to unauthorized users.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
    Assigner
    Impacted products
    Vendor Product Version
    Ping Identity PingFederate Affected: 11.0.0 , ≤ 11.0.9 (custom)
    Affected: 11.1.0 , ≤ 11.1.9 (custom)
    Affected: 11.2.0 , ≤ 11.2.8 (custom)
    Affected: 11.3.0 , ≤ 11.3.4 (custom)
    Affected: 12.0.0 (custom)
    Affected: 10.3.0 , ≤ 10.3.13 (custom)
    Create a notification for this product.
    pingidentity pingfederate Affected: 10.3.0 , ≤ 10.3.13 (custom)
    Affected: 11.0.0 , ≤ 11.0.9 (custom)
    Affected: 11.1.0 , ≤ 11.1.9 (custom)
    Affected: 11.2.0 , ≤ 11.2.8 (custom)
    Affected: 11.3.0 , ≤ 11.3.4 (custom)
        cpe:2.3:a:pingidentity:pingfederate:10.3.0:*:*:*:*:*:*:*
        cpe:2.3:a:pingidentity:pingfederate:11.0.0:*:*:*:*:*:*:*
        cpe:2.3:a:pingidentity:pingfederate:11.1.0:*:*:*:*:*:*:*
        cpe:2.3:a:pingidentity:pingfederate:11.2.0:*:*:*:*:*:*:*
        cpe:2.3:a:pingidentity:pingfederate:11.3.0:*:*:*:*:*:*:*
    Create a notification for this product.
    pingidentity pingfederate Affected: 12.0.0
        cpe:2.3:a:pingidentity:pingfederate:12.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2024-07-09 22:27
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:pingidentity:pingfederate:10.3.0:*:*:*:*:*:*:*",
                  "cpe:2.3:a:pingidentity:pingfederate:11.0.0:*:*:*:*:*:*:*",
                  "cpe:2.3:a:pingidentity:pingfederate:11.1.0:*:*:*:*:*:*:*",
                  "cpe:2.3:a:pingidentity:pingfederate:11.2.0:*:*:*:*:*:*:*",
                  "cpe:2.3:a:pingidentity:pingfederate:11.3.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "pingfederate",
                "vendor": "pingidentity",
                "versions": [
                  {
                    "lessThanOrEqual": "10.3.13",
                    "status": "affected",
                    "version": "10.3.0",
                    "versionType": "custom"
                  },
                  {
                    "lessThanOrEqual": "11.0.9",
                    "status": "affected",
                    "version": "11.0.0",
                    "versionType": "custom"
                  },
                  {
                    "lessThanOrEqual": "11.1.9",
                    "status": "affected",
                    "version": "11.1.0",
                    "versionType": "custom"
                  },
                  {
                    "lessThanOrEqual": "11.2.8",
                    "status": "affected",
                    "version": "11.2.0",
                    "versionType": "custom"
                  },
                  {
                    "lessThanOrEqual": "11.3.4",
                    "status": "affected",
                    "version": "11.3.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:pingidentity:pingfederate:12.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "pingfederate",
                "vendor": "pingidentity",
                "versions": [
                  {
                    "status": "affected",
                    "version": "12.0.0"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-22377",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-15T13:15:10.302158Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-23T16:13:24.203Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T22:43:34.512Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://docs.pingidentity.com/r/en-us/pingfederate-120/lwu1707324350083"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html",
              "defaultStatus": "unaffected",
              "product": "PingFederate",
              "vendor": "Ping Identity",
              "versions": [
                {
                  "lessThanOrEqual": "11.0.9",
                  "status": "affected",
                  "version": "11.0.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "11.1.9",
                  "status": "affected",
                  "version": "11.1.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "11.2.8",
                  "status": "affected",
                  "version": "11.2.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "11.3.4",
                  "status": "affected",
                  "version": "11.3.0",
                  "versionType": "custom"
                },
                {
                  "status": "affected",
                  "version": "12.0.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "10.3.13",
                  "status": "affected",
                  "version": "10.3.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "configurations": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "All instances of PingFederate on vulnerable versions are vulnerable to this issue.\u003cbr\u003e"
                }
              ],
              "value": "All instances of PingFederate on vulnerable versions are vulnerable to this issue."
            }
          ],
          "datePublic": "2024-07-09T22:27:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "The deploy directory in PingFederate runtime nodes is reachable to unauthorized users.\u003cbr\u003e"
                }
              ],
              "value": "The deploy directory in PingFederate runtime nodes is reachable to unauthorized users."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-126",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-126 Path Traversal"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-22",
                  "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-07-09T23:03:27.722Z",
            "orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
            "shortName": "Ping Identity"
          },
          "references": [
            {
              "url": "https://docs.pingidentity.com/r/en-us/pingfederate-120/lwu1707324350083"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "PingFederate Runtime Node Path Traversal",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "The deploy directory can be restricted by making changes to runtime jetty configuration.\u0026nbsp;\u0026nbsp;\u003cbr\u003e"
                }
              ],
              "value": "The deploy directory can be restricted by making changes to runtime jetty configuration."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
        "assignerShortName": "Ping Identity",
        "cveId": "CVE-2024-22377",
        "datePublished": "2024-07-09T23:03:27.722Z",
        "dateReserved": "2024-01-17T17:27:24.578Z",
        "dateUpdated": "2024-08-01T22:43:34.512Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-22477 (GCVE-0-2024-22477)

    Vulnerability from cvelistv5 – Published: 2024-07-09 23:01 – Updated: 2024-08-01 22:51
    VLAI
    Title
    PingFederate OIDC Policy Management Editor Cross-Site Scripting
    Summary
    A cross-site scripting vulnerability exists in the admin console OIDC Policy Management Editor. The impact is contained to admin console users only.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
    Assigner
    Impacted products
    Vendor Product Version
    Ping Identity PingFederate Affected: 11.0.0 , ≤ 11.0.9 (custom)
    Affected: 11.1.0 , ≤ 11.1.9 (custom)
    Affected: 11.2.0 , ≤ 11.2.8 (custom)
    Affected: 11.3.0 , ≤ 11.3.4 (custom)
    Affected: 12.0.0 (custom)
    Affected: 10.3.0 , ≤ 10.3.13 (custom)
    Create a notification for this product.
    Date Public
    2024-07-09 22:27
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-22477",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-10T13:29:31.833138Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-10T13:30:14.614Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T22:51:09.905Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://docs.pingidentity.com/r/en-us/pingfederate-120/lwu1707324350083"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html",
              "defaultStatus": "unaffected",
              "product": "PingFederate",
              "vendor": "Ping Identity",
              "versions": [
                {
                  "lessThanOrEqual": "11.0.9",
                  "status": "affected",
                  "version": "11.0.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "11.1.9",
                  "status": "affected",
                  "version": "11.1.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "11.2.8",
                  "status": "affected",
                  "version": "11.2.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "11.3.4",
                  "status": "affected",
                  "version": "11.3.0",
                  "versionType": "custom"
                },
                {
                  "status": "affected",
                  "version": "12.0.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "10.3.13",
                  "status": "affected",
                  "version": "10.3.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "configurations": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "All instances of PingFederate on vulnerable versions are vulnerable to this issue.\u003cbr\u003e"
                }
              ],
              "value": "All instances of PingFederate on vulnerable versions are vulnerable to this issue."
            }
          ],
          "datePublic": "2024-07-09T22:27:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "A cross-site scripting vulnerability exists in the admin console OIDC Policy Management Editor. The impact is contained to admin console users only.\u003cbr\u003e"
                }
              ],
              "value": "A cross-site scripting vulnerability exists in the admin console OIDC Policy Management Editor. The impact is contained to admin console users only."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-592",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-592 Stored XSS"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "ADJACENT_NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 1.8,
                "baseSeverity": "LOW",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-07-09T23:01:28.611Z",
            "orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
            "shortName": "Ping Identity"
          },
          "references": [
            {
              "url": "https://docs.pingidentity.com/r/en-us/pingfederate-120/lwu1707324350083"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "PingFederate OIDC Policy Management Editor Cross-Site Scripting",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
        "assignerShortName": "Ping Identity",
        "cveId": "CVE-2024-22477",
        "datePublished": "2024-07-09T23:01:28.611Z",
        "dateReserved": "2024-01-17T17:27:24.603Z",
        "dateUpdated": "2024-08-01T22:51:09.905Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-40148 (GCVE-0-2023-40148)

    Vulnerability from cvelistv5 – Published: 2024-04-10 00:03 – Updated: 2024-08-12 15:09
    VLAI
    Title
    PingFederate Server Side Request Forgery vulnerability
    Summary
    Server-side request forgery (SSRF) in PingFederate allows unauthenticated http requests to attack network resources and consume server-side resources via forged HTTP POST requests.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-918 - Server-Side Request Forgery (SSRF)
    Assigner
    Impacted products
    Vendor Product Version
    Ping Identity PingFederate Affected: 11.3.0 , ≤ 11.3.2 (custom)
    Affected: 11.2.0 , ≤ 11.2.7 (custom)
    Affected: 11.1.0 , ≤ 11.1.8 (custom)
    Affected: 11.0.0 , ≤ 11.0.8 (custom)
    Create a notification for this product.
    pingidentity pingfederate Affected: 11.0.0 , ≤ 11.0.8 (custom)
        cpe:2.3:a:pingidentity:pingfederate:11.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    pingidentity pingfederate Affected: 11.1.0 , ≤ 11.1.8 (custom)
        cpe:2.3:a:pingidentity:pingfederate:11.1.0:*:*:*:*:*:*:*
    Create a notification for this product.
    pingidentity pingfederate Affected: 11.2.0 , ≤ 11.2.7 (custom)
        cpe:2.3:a:pingidentity:pingfederate:11.2.0:*:*:*:*:*:*:*
    Create a notification for this product.
    pingidentity pingfederate Affected: 11.3.0 , ≤ 11.3.2 (custom)
        cpe:2.3:a:pingidentity:pingfederate:11.3.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T18:24:55.608Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://docs.pingidentity.com/r/en-us/pingfederate-120/tuj1708533127032"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.pingidentity.com/en/resources/downloads/pingfederate/previous-releases.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:pingidentity:pingfederate:11.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "pingfederate",
                "vendor": "pingidentity",
                "versions": [
                  {
                    "lessThanOrEqual": "11.0.8",
                    "status": "affected",
                    "version": "11.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:pingidentity:pingfederate:11.1.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "pingfederate",
                "vendor": "pingidentity",
                "versions": [
                  {
                    "lessThanOrEqual": "11.1.8",
                    "status": "affected",
                    "version": "11.1.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:pingidentity:pingfederate:11.2.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "pingfederate",
                "vendor": "pingidentity",
                "versions": [
                  {
                    "lessThanOrEqual": "11.2.7",
                    "status": "affected",
                    "version": "11.2.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:pingidentity:pingfederate:11.3.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "pingfederate",
                "vendor": "pingidentity",
                "versions": [
                  {
                    "lessThanOrEqual": "11.3.2",
                    "status": "affected",
                    "version": "11.3.0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-40148",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-12T15:05:58.396831Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-08-12T15:09:02.174Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "PingFederate",
              "vendor": "Ping Identity",
              "versions": [
                {
                  "lessThanOrEqual": "11.3.2",
                  "status": "affected",
                  "version": "11.3.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "11.2.7",
                  "status": "affected",
                  "version": "11.2.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "11.1.8",
                  "status": "affected",
                  "version": "11.1.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "11.0.8",
                  "status": "affected",
                  "version": "11.0.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Server-side request forgery (SSRF) in PingFederate allows unauthenticated http requests to attack network resources and consume server-side resources via forged HTTP POST requests.\u003cbr\u003e"
                }
              ],
              "value": "Server-side request forgery (SSRF) in PingFederate allows unauthenticated http requests to attack network resources and consume server-side resources via forged HTTP POST requests.\n"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-309",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-309 Network Topology Mapping"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-918",
                  "description": "CWE-918 Server-Side Request Forgery (SSRF)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-04-10T00:03:31.966Z",
            "orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
            "shortName": "Ping Identity"
          },
          "references": [
            {
              "url": "https://docs.pingidentity.com/r/en-us/pingfederate-120/tuj1708533127032"
            },
            {
              "url": "https://www.pingidentity.com/en/resources/downloads/pingfederate/previous-releases.html"
            }
          ],
          "source": {
            "advisory": "SECADV041",
            "defect": [
              "PF-34646"
            ],
            "discovery": "INTERNAL"
          },
          "title": "PingFederate Server Side Request Forgery vulnerability",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
        "assignerShortName": "Ping Identity",
        "cveId": "CVE-2023-40148",
        "datePublished": "2024-04-10T00:03:31.966Z",
        "dateReserved": "2023-08-25T16:59:38.680Z",
        "dateUpdated": "2024-08-12T15:09:02.174Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-40545 (GCVE-0-2023-40545)

    Vulnerability from cvelistv5 – Published: 2024-02-06 17:27 – Updated: 2024-08-22 16:53
    VLAI
    Title
    PingFederate OAuth client_secret_jwt Authentication Bypass
    Summary
    Authentication bypass when an OAuth2 Client is using client_secret_jwt as its authentication method on affected 11.3 versions via specially crafted requests.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-306 - Missing Authentication for Critical Function
    Assigner
    Impacted products
    Vendor Product Version
    Ping Identity PingFederate Affected: 11.3.0 , ≤ 11.3.2 (custom)
    Create a notification for this product.
    pingidentity pingfederate Affected: 11.3.0 , ≤ 11.3.2 (custom)
        cpe:2.3:a:pingidentity:pingfederate:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T18:38:50.649Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://support.pingidentity.com/s/article/SECADV040-PingFederate-OAuth-Client-Authentication-Bypass"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.pingidentity.com/en/resources/downloads/pingfederate/previous-releases.html"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://docs.pingidentity.com/r/en-us/pingfederate-113/hro1701116403236"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:pingidentity:pingfederate:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "pingfederate",
                "vendor": "pingidentity",
                "versions": [
                  {
                    "lessThanOrEqual": "11.3.2",
                    "status": "affected",
                    "version": "11.3.0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-40545",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-22T16:50:41.466461Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-08-22T16:53:12.079Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "PingFederate",
              "vendor": "Ping Identity",
              "versions": [
                {
                  "lessThanOrEqual": "11.3.2",
                  "status": "affected",
                  "version": "11.3.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAuthentication\u0026nbsp;bypass when an OAuth2 Client is using client_secret_jwt as its authentication method on affected 11.3 versions via specially crafted requests.\u003c/span\u003e\u003cbr\u003e"
                }
              ],
              "value": "Authentication\u00a0bypass when an OAuth2 Client is using client_secret_jwt as its authentication method on affected 11.3 versions via specially crafted requests.\n"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-115",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-115 Authentication Bypass"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-306",
                  "description": "CWE-306 Missing Authentication for Critical Function",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-02-06T17:28:00.505Z",
            "orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
            "shortName": "Ping Identity"
          },
          "references": [
            {
              "url": "https://support.pingidentity.com/s/article/SECADV040-PingFederate-OAuth-Client-Authentication-Bypass"
            },
            {
              "url": "https://www.pingidentity.com/en/resources/downloads/pingfederate/previous-releases.html"
            },
            {
              "url": "https://docs.pingidentity.com/r/en-us/pingfederate-113/hro1701116403236"
            }
          ],
          "source": {
            "advisory": "SECADV040",
            "defect": [
              "PF-34645"
            ],
            "discovery": "UNKNOWN"
          },
          "title": "PingFederate OAuth client_secret_jwt Authentication Bypass",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
        "assignerShortName": "Ping Identity",
        "cveId": "CVE-2023-40545",
        "datePublished": "2024-02-06T17:27:42.361Z",
        "dateReserved": "2023-08-25T16:59:38.674Z",
        "dateUpdated": "2024-08-22T16:53:12.079Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-34085 (GCVE-0-2023-34085)

    Vulnerability from cvelistv5 – Published: 2023-10-25 02:03 – Updated: 2024-09-10 15:05
    VLAI
    Title
    User Attribute Disclosure via DynamoDB Data Stores
    Summary
    When an AWS DynamoDB table is used for user attribute storage, it is possible to retrieve the attributes of another user using a maliciously crafted request
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-359 - Exposure of Private Personal Information to an Unauthorized Actor
    Assigner
    Impacted products
    Vendor Product Version
    Ping Identity PingFederate Affected: 11.3 , ≤ 11.3.0 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T16:01:53.879Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://docs.pingidentity.com/r/en-us/pingfederate-113/gyk1689105783244"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-34085",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-10T15:00:49.766852Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-10T15:05:08.099Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "PingFederate",
              "vendor": "Ping Identity",
              "versions": [
                {
                  "lessThanOrEqual": "11.3.0",
                  "status": "affected",
                  "version": "11.3",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "configurations": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "AWS DynamoDB as user attribute store"
                }
              ],
              "value": "AWS DynamoDB as user attribute store"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: transparent;\"\u003eWhen an AWS DynamoDB table is used for user attribute storage, it is possible to retrieve the attributes of another user using a maliciously crafted request\u003c/span\u003e\u003cbr\u003e"
                }
              ],
              "value": "When an AWS DynamoDB table is used for user attribute storage, it is possible to retrieve the attributes of another user using a maliciously crafted request\n"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-153",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-153 Input Data Manipulation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 2.6,
                "baseSeverity": "LOW",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-359",
                  "description": "CWE-359: Exposure of Private Personal Information to an Unauthorized Actor",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-10-25T02:03:56.433Z",
            "orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
            "shortName": "Ping Identity"
          },
          "references": [
            {
              "url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html"
            },
            {
              "url": "https://docs.pingidentity.com/r/en-us/pingfederate-113/gyk1689105783244"
            }
          ],
          "source": {
            "advisory": "SECADV037",
            "defect": [
              "PF-33935"
            ],
            "discovery": "INTERNAL"
          },
          "title": "User Attribute Disclosure via DynamoDB Data Stores",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
        "assignerShortName": "Ping Identity",
        "cveId": "CVE-2023-34085",
        "datePublished": "2023-10-25T02:03:56.433Z",
        "dateReserved": "2023-07-25T20:13:14.876Z",
        "dateUpdated": "2024-09-10T15:05:08.099Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-39219 (GCVE-0-2023-39219)

    Vulnerability from cvelistv5 – Published: 2023-10-25 01:44 – Updated: 2025-06-12 14:58
    VLAI
    Title
    Admin Console Denial of Service via Java class enumeration
    Summary
    PingFederate Administrative Console dependency contains a weakness where console becomes unresponsive with crafted Java class loading enumeration requests
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-400 - Uncontrolled Resource Consumption
    Assigner
    Impacted products
    Vendor Product Version
    Ping Identity PingFederate Affected: 11.3 , ≤ 11.3.0 (custom)
    Affected: 11.2.0 , ≤ 11.2.6 (custom)
    Affected: 11.1.0 , ≤ 11.1.7 (custom)
    Affected: 10.3.0 , ≤ 10.3.12 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T18:02:06.169Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://docs.pingidentity.com/r/en-us/pingfederate-113/gyk1689105783244"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-39219",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-06-12T14:58:09.523502Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-12T14:58:40.168Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "PingFederate",
              "vendor": "Ping Identity",
              "versions": [
                {
                  "lessThanOrEqual": "11.3.0",
                  "status": "affected",
                  "version": "11.3",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "11.2.6",
                  "status": "affected",
                  "version": "11.2.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "11.1.7",
                  "status": "affected",
                  "version": "11.1.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "10.3.12",
                  "status": "affected",
                  "version": "10.3.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ePingFederate Administrative Console dependency contains a weakness where console becomes unresponsive with crafted Java class loading enumeration requests\u003c/span\u003e\u003cbr\u003e"
                }
              ],
              "value": "PingFederate Administrative Console dependency contains a weakness where console becomes unresponsive with crafted Java class loading enumeration requests\n"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-131",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-131 Resource Leak Exposure"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-400",
                  "description": "CWE-400: Uncontrolled Resource Consumption",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-10-25T01:44:44.362Z",
            "orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
            "shortName": "Ping Identity"
          },
          "references": [
            {
              "url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html"
            },
            {
              "url": "https://docs.pingidentity.com/r/en-us/pingfederate-113/gyk1689105783244"
            }
          ],
          "source": {
            "advisory": "SECADV037",
            "defect": [
              "PF-33449"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Admin Console Denial of Service via Java class enumeration",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
        "assignerShortName": "Ping Identity",
        "cveId": "CVE-2023-39219",
        "datePublished": "2023-10-25T01:44:44.362Z",
        "dateReserved": "2023-07-25T20:13:14.871Z",
        "dateUpdated": "2025-06-12T14:58:40.168Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-37283 (GCVE-0-2023-37283)

    Vulnerability from cvelistv5 – Published: 2023-10-25 01:24 – Updated: 2024-08-02 17:09
    VLAI
    Title
    Authentication Bypass via HTML Form & Identifier First Adapter
    Summary
    Under a very specific and highly unrecommended configuration, authentication bypass is possible in the PingFederate Identifier First Adapter
    CWE
    • CWE-287 - Improper Authentication
    Assigner
    Impacted products
    Vendor Product Version
    Ping Identity PingFederate Affected: 11.3 , ≤ 11.3.0 (custom)
    Affected: 11.2.0 , ≤ 11.2.6 (custom)
    Affected: 11.1.0 , ≤ 11.1.7 (custom)
    Affected: 10.3.0 , ≤ 10.3.12 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T17:09:34.014Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://docs.pingidentity.com/r/en-us/pingfederate-113/gyk1689105783244"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "PingFederate",
              "vendor": "Ping Identity",
              "versions": [
                {
                  "lessThanOrEqual": "11.3.0",
                  "status": "affected",
                  "version": "11.3",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "11.2.6",
                  "status": "affected",
                  "version": "11.2.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "11.1.7",
                  "status": "affected",
                  "version": "11.1.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "10.3.12",
                  "status": "affected",
                  "version": "10.3.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUnder a very specific and highly unrecommended configuration, authentication bypass is possible in the PingFederate Identifier First Adapter\u003c/span\u003e\u003cbr\u003e"
                }
              ],
              "value": "Under a very specific and highly unrecommended configuration, authentication bypass is possible in the PingFederate Identifier First Adapter\n"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-115",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-115 Authentication Bypass"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 8.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-287",
                  "description": "CWE-287 Improper Authentication",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-10-25T01:24:47.780Z",
            "orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
            "shortName": "Ping Identity"
          },
          "references": [
            {
              "url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html"
            },
            {
              "url": "https://docs.pingidentity.com/r/en-us/pingfederate-113/gyk1689105783244"
            }
          ],
          "source": {
            "advisory": "SECADV037",
            "defect": [
              "PF-34017"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Authentication Bypass via HTML Form \u0026 Identifier First Adapter",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
        "assignerShortName": "Ping Identity",
        "cveId": "CVE-2023-37283",
        "datePublished": "2023-10-25T01:24:47.780Z",
        "dateReserved": "2023-07-25T20:13:14.866Z",
        "dateUpdated": "2024-08-02T17:09:34.014Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-40724 (GCVE-0-2022-40724)

    Vulnerability from cvelistv5 – Published: 2023-04-25 00:00 – Updated: 2025-02-04 14:48
    VLAI
    Title
    Cross-Site Request Forgery on PingFederate Local Identity Profiles Endpoint.
    Summary
    The PingFederate Local Identity Profiles '/pf/idprofile.ping' endpoint is vulnerable to Cross-Site Request Forgery (CSRF) through crafted GET requests.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-352 - Cross-Site Request Forgery
    Assigner
    Impacted products
    Vendor Product Version
    Ping Identity PingFederate Affected: 10.3.0 , < 10.3.0* (custom)
    Affected: 10.3.11 , ≤ 10.3.11 (custom)
    Affected: 11.0.0 , < 11.0.0* (custom)
    Affected: 11.0.6 , ≤ 11.0.6 (custom)
    Affected: 11.1.0 , < 11.1.0* (custom)
    Affected: 11.1.5 , ≤ 11.1.5 (custom)
    Affected: 11.2.0 , < 11.2.0* (custom)
    Affected: 11.2.2 , ≤ 11.2.2 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T12:21:46.720Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://docs.pingidentity.com/r/en-us/pingfederate-110/fll1675188537050"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-40724",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-04T14:48:27.864493Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-04T14:48:33.050Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "PingFederate",
              "vendor": "Ping Identity",
              "versions": [
                {
                  "lessThan": "10.3.0*",
                  "status": "affected",
                  "version": "10.3.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "10.3.11",
                  "status": "affected",
                  "version": "10.3.11",
                  "versionType": "custom"
                },
                {
                  "lessThan": "11.0.0*",
                  "status": "affected",
                  "version": "11.0.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "11.0.6",
                  "status": "affected",
                  "version": "11.0.6",
                  "versionType": "custom"
                },
                {
                  "lessThan": "11.1.0*",
                  "status": "affected",
                  "version": "11.1.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "11.1.5",
                  "status": "affected",
                  "version": "11.1.5",
                  "versionType": "custom"
                },
                {
                  "lessThan": "11.2.0*",
                  "status": "affected",
                  "version": "11.2.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "11.2.2",
                  "status": "affected",
                  "version": "11.2.2",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The PingFederate Local Identity Profiles \u0027/pf/idprofile.ping\u0027 endpoint is vulnerable to Cross-Site Request Forgery (CSRF) through crafted GET requests."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 6.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitCodeMaturity": "HIGH",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "remediationLevel": "UNAVAILABLE",
                "reportConfidence": "CONFIRMED",
                "scope": "UNCHANGED",
                "temporalScore": 6.4,
                "temporalSeverity": "MEDIUM",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:H/E:H/RL:U/RC:C",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-352",
                  "description": "CWE-352 Cross-Site Request Forgery",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-04-25T00:00:00.000Z",
            "orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
            "shortName": "Ping Identity"
          },
          "references": [
            {
              "url": "https://docs.pingidentity.com/r/en-us/pingfederate-110/fll1675188537050"
            }
          ],
          "source": {
            "advisory": "SECADV033",
            "defect": [
              "PF-32805"
            ],
            "discovery": "INTERNAL"
          },
          "title": "Cross-Site Request Forgery on PingFederate Local Identity Profiles Endpoint."
        }
      },
      "cveMetadata": {
        "assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
        "assignerShortName": "Ping Identity",
        "cveId": "CVE-2022-40724",
        "datePublished": "2023-04-25T00:00:00.000Z",
        "dateReserved": "2022-09-14T00:00:00.000Z",
        "dateUpdated": "2025-02-04T14:48:33.050Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-23722 (GCVE-0-2022-23722)

    Vulnerability from cvelistv5 – Published: 2022-05-02 22:05 – Updated: 2024-08-03 03:51
    VLAI
    Title
    PingFederate Password Reset via Authentication API Mishandling
    Summary
    When a password reset mechanism is configured to use the Authentication API with an Authentication Policy, email One-Time Password, PingID or SMS authentication, an existing user can reset another existing user’s password.
    Severity
    No CVSS data available.
    CWE
    • CWE-288 - Authentication Bypass Using an Alternate Path or Channel
    Assigner
    References
    Impacted products
    Vendor Product Version
    Ping Identity PingFederate Affected: 11.0 , ≤ 11.0 (custom)
    Affected: 10.3 , ≤ 10.3.4 (custom)
    Affected: 10.2 , ≤ 10.2.7 (custom)
    Affected: 10.1 , ≤ 10.1.9 (custom)
    Affected: 10.0 , ≤ 10.0.12 (custom)
    Affected: 9.3 , ≤ 9.3.3P16 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T03:51:46.174Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://docs.pingidentity.com/bundle/pingfederate-110/page/spk1642790928508.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "PingFederate",
              "vendor": "Ping Identity",
              "versions": [
                {
                  "lessThanOrEqual": "11.0",
                  "status": "affected",
                  "version": "11.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "10.3.4",
                  "status": "affected",
                  "version": "10.3",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "10.2.7",
                  "status": "affected",
                  "version": "10.2",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "10.1.9",
                  "status": "affected",
                  "version": "10.1",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "10.0.12",
                  "status": "affected",
                  "version": "10.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.3.3P16",
                  "status": "affected",
                  "version": "9.3",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "When a password reset mechanism is configured to use the Authentication API with an Authentication Policy, email One-Time Password, PingID or SMS authentication, an existing user can reset another existing user\u2019s password."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-288",
                  "description": "CWE-288 Authentication Bypass Using an Alternate Path or Channel",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-05-02T22:05:13.000Z",
            "orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
            "shortName": "Ping Identity"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://docs.pingidentity.com/bundle/pingfederate-110/page/spk1642790928508.html"
            }
          ],
          "source": {
            "advisory": "SECBL021",
            "defect": [
              "PF-30450"
            ],
            "discovery": "INTERNAL"
          },
          "title": "PingFederate Password Reset via Authentication API Mishandling",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "responsible-disclosure@pingidentity.com",
              "ID": "CVE-2022-23722",
              "STATE": "PUBLIC",
              "TITLE": "PingFederate Password Reset via Authentication API Mishandling"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "PingFederate",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c=",
                                "version_name": "11.0",
                                "version_value": "11.0"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_name": "10.3",
                                "version_value": "10.3.4"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_name": "10.2",
                                "version_value": "10.2.7"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_name": "10.1",
                                "version_value": "10.1.9"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_name": "10.0",
                                "version_value": "10.0.12"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_name": "9.3",
                                "version_value": "9.3.3P16"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Ping Identity"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "When a password reset mechanism is configured to use the Authentication API with an Authentication Policy, email One-Time Password, PingID or SMS authentication, an existing user can reset another existing user\u2019s password."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-288 Authentication Bypass Using an Alternate Path or Channel"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html",
                  "refsource": "MISC",
                  "url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html"
                },
                {
                  "name": "https://docs.pingidentity.com/bundle/pingfederate-110/page/spk1642790928508.html",
                  "refsource": "MISC",
                  "url": "https://docs.pingidentity.com/bundle/pingfederate-110/page/spk1642790928508.html"
                }
              ]
            },
            "source": {
              "advisory": "SECBL021",
              "defect": [
                "PF-30450"
              ],
              "discovery": "INTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
        "assignerShortName": "Ping Identity",
        "cveId": "CVE-2022-23722",
        "datePublished": "2022-05-02T22:05:13.000Z",
        "dateReserved": "2022-01-19T00:00:00.000Z",
        "dateUpdated": "2024-08-03T03:51:46.174Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-42000 (GCVE-0-2021-42000)

    Vulnerability from cvelistv5 – Published: 2022-02-10 22:30 – Updated: 2024-08-04 03:22
    VLAI
    Title
    Ping Identity PingFederate Password Reset and Password Change Mishandling with an authentication policy in parallel reset flows
    Summary
    When a password reset or password change flow with an authentication policy is configured and the adapter in the reset or change policy supports multiple parallel reset flows, an existing user can reset another existing users password.
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    Ping Identity PingFederate Affected: 9.3.3-P15 , < 9.3.0* (custom)
    Affected: 10.0.11 , < 10.0.0* (custom)
    Affected: 10.1.8 , < 10.1.0* (custom)
    Affected: 10.2.6 , < 10.2.0* (custom)
    Affected: 10.3.2 , < 10.3.0* (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T03:22:25.779Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://docs.pingidentity.com/bundle/pingfederate-103/page/hhm1634833631515.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "PingFederate",
              "vendor": "Ping Identity",
              "versions": [
                {
                  "lessThan": "9.3.0*",
                  "status": "affected",
                  "version": "9.3.3-P15",
                  "versionType": "custom"
                },
                {
                  "lessThan": "10.0.0*",
                  "status": "affected",
                  "version": "10.0.11",
                  "versionType": "custom"
                },
                {
                  "lessThan": "10.1.0*",
                  "status": "affected",
                  "version": "10.1.8",
                  "versionType": "custom"
                },
                {
                  "lessThan": "10.2.0*",
                  "status": "affected",
                  "version": "10.2.6",
                  "versionType": "custom"
                },
                {
                  "lessThan": "10.3.0*",
                  "status": "affected",
                  "version": "10.3.2",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "When a password reset or password change flow with an authentication policy is configured and the adapter in the reset or change policy supports multiple parallel reset flows, an existing user can reset another existing users password."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-285",
                  "description": "CWE-285 Improper Authorization",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-02-10T22:30:11.000Z",
            "orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
            "shortName": "Ping Identity"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://docs.pingidentity.com/bundle/pingfederate-103/page/hhm1634833631515.html"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "PingFederate product patched versions 9.3.3-P16, 10.0.12, 10.1.9, 10.2.7, 10.3.3"
            }
          ],
          "source": {
            "advisory": "SECBL020",
            "defect": [
              "PF-29924"
            ],
            "discovery": "INTERNAL"
          },
          "title": "Ping Identity PingFederate Password Reset and Password Change Mishandling with an authentication policy in parallel reset flows",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "responsible-disclosure@pingidentity.com",
              "ID": "CVE-2021-42000",
              "STATE": "PUBLIC",
              "TITLE": "Ping Identity PingFederate Password Reset and Password Change Mishandling with an authentication policy in parallel reset flows"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "PingFederate",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003e=",
                                "version_name": "9.3.0",
                                "version_value": "9.3.3-P15"
                              },
                              {
                                "version_affected": "\u003e=",
                                "version_name": "10.0.0",
                                "version_value": "10.0.11"
                              },
                              {
                                "version_affected": "\u003e=",
                                "version_name": "10.1.0",
                                "version_value": "10.1.8"
                              },
                              {
                                "version_affected": "\u003e=",
                                "version_name": "10.2.0",
                                "version_value": "10.2.6"
                              },
                              {
                                "version_affected": "\u003e=",
                                "version_name": "10.3.0",
                                "version_value": "10.3.2"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Ping Identity"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "When a password reset or password change flow with an authentication policy is configured and the adapter in the reset or change policy supports multiple parallel reset flows, an existing user can reset another existing users password."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-285 Improper Authorization"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html",
                  "refsource": "MISC",
                  "url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html"
                },
                {
                  "name": "https://docs.pingidentity.com/bundle/pingfederate-103/page/hhm1634833631515.html",
                  "refsource": "MISC",
                  "url": "https://docs.pingidentity.com/bundle/pingfederate-103/page/hhm1634833631515.html"
                }
              ]
            },
            "solution": [
              {
                "lang": "en",
                "value": "PingFederate product patched versions 9.3.3-P16, 10.0.12, 10.1.9, 10.2.7, 10.3.3"
              }
            ],
            "source": {
              "advisory": "SECBL020",
              "defect": [
                "PF-29924"
              ],
              "discovery": "INTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
        "assignerShortName": "Ping Identity",
        "cveId": "CVE-2021-42000",
        "datePublished": "2022-02-10T22:30:11.000Z",
        "dateReserved": "2021-10-04T00:00:00.000Z",
        "dateUpdated": "2024-08-04T03:22:25.779Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }