Search criteria
42 vulnerabilities found for pingfederate by pingidentity
FKIE_CVE-2024-22477
Vulnerability from fkie_nvd - Published: 2024-07-09 23:15 - Updated: 2024-11-21 08:56
Severity ?
1.8 (Low) - CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:N
4.3 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
4.3 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Summary
A cross-site scripting vulnerability exists in the admin console OIDC Policy Management Editor. The impact is contained to admin console users only.
References
| URL | Tags | ||
|---|---|---|---|
| responsible-disclosure@pingidentity.com | https://docs.pingidentity.com/r/en-us/pingfederate-120/lwu1707324350083 | Broken Link, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://docs.pingidentity.com/r/en-us/pingfederate-120/lwu1707324350083 | Broken Link, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| pingidentity | pingfederate | * | |
| pingidentity | pingfederate | * | |
| pingidentity | pingfederate | * | |
| pingidentity | pingfederate | * | |
| pingidentity | pingfederate | * | |
| pingidentity | pingfederate | 12.0.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:pingidentity:pingfederate:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73C9BB16-0B50-40AD-991D-CE55D1B4DE56",
"versionEndIncluding": "10.3.13",
"versionStartIncluding": "10.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pingidentity:pingfederate:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4A809B38-F404-4DB2-BD2C-68D2D4B98A68",
"versionEndIncluding": "11.0.9",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pingidentity:pingfederate:*:*:*:*:*:*:*:*",
"matchCriteriaId": "703CAE2D-061F-4FCC-A640-2649656830E4",
"versionEndIncluding": "11.1.9",
"versionStartIncluding": "11.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pingidentity:pingfederate:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9E7DA8B9-7439-4ABC-A37A-D9FF13D8884C",
"versionEndIncluding": "11.2.8",
"versionStartIncluding": "11.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pingidentity:pingfederate:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4425C90D-DBB8-4090-A8F0-8ECE129D19DD",
"versionEndIncluding": "11.3.4",
"versionStartIncluding": "11.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pingidentity:pingfederate:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A62E1361-EFC7-4242-88AD-995A113A6CFC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A cross-site scripting vulnerability exists in the admin console OIDC Policy Management Editor. The impact is contained to admin console users only."
},
{
"lang": "es",
"value": "Existe una vulnerabilidad de Cross Site Scripting en la consola de administraci\u00f3n de OIDC Policy Management Editor. El impacto est\u00e1 limitado a los usuarios de la consola de administraci\u00f3n \u00fanicamente."
}
],
"id": "CVE-2024-22477",
"lastModified": "2024-11-21T08:56:21.077",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 1.8,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.4,
"impactScore": 1.4,
"source": "responsible-disclosure@pingidentity.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-07-09T23:15:10.827",
"references": [
{
"source": "responsible-disclosure@pingidentity.com",
"tags": [
"Broken Link",
"Vendor Advisory"
],
"url": "https://docs.pingidentity.com/r/en-us/pingfederate-120/lwu1707324350083"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Vendor Advisory"
],
"url": "https://docs.pingidentity.com/r/en-us/pingfederate-120/lwu1707324350083"
}
],
"sourceIdentifier": "responsible-disclosure@pingidentity.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "responsible-disclosure@pingidentity.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2024-22377
Vulnerability from fkie_nvd - Published: 2024-07-09 23:15 - Updated: 2024-11-21 08:56
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Summary
The deploy directory in PingFederate runtime nodes is reachable to unauthorized users.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| pingidentity | pingfederate | * | |
| pingidentity | pingfederate | * | |
| pingidentity | pingfederate | * | |
| pingidentity | pingfederate | * | |
| pingidentity | pingfederate | * | |
| pingidentity | pingfederate | 12.0.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:pingidentity:pingfederate:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73C9BB16-0B50-40AD-991D-CE55D1B4DE56",
"versionEndIncluding": "10.3.13",
"versionStartIncluding": "10.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pingidentity:pingfederate:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4A809B38-F404-4DB2-BD2C-68D2D4B98A68",
"versionEndIncluding": "11.0.9",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pingidentity:pingfederate:*:*:*:*:*:*:*:*",
"matchCriteriaId": "703CAE2D-061F-4FCC-A640-2649656830E4",
"versionEndIncluding": "11.1.9",
"versionStartIncluding": "11.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pingidentity:pingfederate:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9E7DA8B9-7439-4ABC-A37A-D9FF13D8884C",
"versionEndIncluding": "11.2.8",
"versionStartIncluding": "11.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pingidentity:pingfederate:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4425C90D-DBB8-4090-A8F0-8ECE129D19DD",
"versionEndIncluding": "11.3.4",
"versionStartIncluding": "11.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pingidentity:pingfederate:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A62E1361-EFC7-4242-88AD-995A113A6CFC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The deploy directory in PingFederate runtime nodes is reachable to unauthorized users."
},
{
"lang": "es",
"value": "El directorio de implementaci\u00f3n en los nodos de tiempo de ejecuci\u00f3n de PingFederate es accesible para usuarios no autorizados."
}
],
"id": "CVE-2024-22377",
"lastModified": "2024-11-21T08:56:09.157",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "responsible-disclosure@pingidentity.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-07-09T23:15:10.620",
"references": [
{
"source": "responsible-disclosure@pingidentity.com",
"tags": [
"Broken Link"
],
"url": "https://docs.pingidentity.com/r/en-us/pingfederate-120/lwu1707324350083"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://docs.pingidentity.com/r/en-us/pingfederate-120/lwu1707324350083"
}
],
"sourceIdentifier": "responsible-disclosure@pingidentity.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "responsible-disclosure@pingidentity.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2023-40545
Vulnerability from fkie_nvd - Published: 2024-02-06 18:15 - Updated: 2024-11-21 08:19
Severity ?
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Authentication bypass when an OAuth2 Client is using client_secret_jwt as its authentication method on affected 11.3 versions via specially crafted requests.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| pingidentity | pingfederate | 11.3.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:pingidentity:pingfederate:11.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D4DEF0BF-4C46-4386-8C46-3687A644A47B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Authentication\u00a0bypass when an OAuth2 Client is using client_secret_jwt as its authentication method on affected 11.3 versions via specially crafted requests.\n"
},
{
"lang": "es",
"value": "Omisi\u00f3n de autenticaci\u00f3n cuando un cliente OAuth2 utiliza client_secret_jwt como m\u00e9todo de autenticaci\u00f3n en las versiones 11.3 afectadas a trav\u00e9s de solicitudes especialmente manipuladas."
}
],
"id": "CVE-2023-40545",
"lastModified": "2024-11-21T08:19:41.303",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "responsible-disclosure@pingidentity.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-02-06T18:15:58.470",
"references": [
{
"source": "responsible-disclosure@pingidentity.com",
"tags": [
"Release Notes"
],
"url": "https://docs.pingidentity.com/r/en-us/pingfederate-113/hro1701116403236"
},
{
"source": "responsible-disclosure@pingidentity.com",
"tags": [
"Permissions Required"
],
"url": "https://support.pingidentity.com/s/article/SECADV040-PingFederate-OAuth-Client-Authentication-Bypass"
},
{
"source": "responsible-disclosure@pingidentity.com",
"tags": [
"Release Notes"
],
"url": "https://www.pingidentity.com/en/resources/downloads/pingfederate/previous-releases.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://docs.pingidentity.com/r/en-us/pingfederate-113/hro1701116403236"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "https://support.pingidentity.com/s/article/SECADV040-PingFederate-OAuth-Client-Authentication-Bypass"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://www.pingidentity.com/en/resources/downloads/pingfederate/previous-releases.html"
}
],
"sourceIdentifier": "responsible-disclosure@pingidentity.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-306"
}
],
"source": "responsible-disclosure@pingidentity.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-306"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2023-39219
Vulnerability from fkie_nvd - Published: 2023-10-25 18:17 - Updated: 2024-11-21 08:14
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
PingFederate Administrative Console dependency contains a weakness where console becomes unresponsive with crafted Java class loading enumeration requests
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| pingidentity | pingfederate | * | |
| pingidentity | pingfederate | * | |
| pingidentity | pingfederate | * | |
| pingidentity | pingfederate | 11.3.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:pingidentity:pingfederate:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1580F4CC-0AE6-4ABF-8EF5-2AF53973DBC7",
"versionEndIncluding": "10.3.12",
"versionStartIncluding": "10.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pingidentity:pingfederate:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7122A4D7-4BFF-4AA5-876B-CA325B3A2293",
"versionEndIncluding": "11.1.7",
"versionStartIncluding": "11.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pingidentity:pingfederate:*:*:*:*:*:*:*:*",
"matchCriteriaId": "116C42D0-F1AD-4C81-B17C-6114A83A091B",
"versionEndIncluding": "11.2.6",
"versionStartIncluding": "11.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pingidentity:pingfederate:11.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D4DEF0BF-4C46-4386-8C46-3687A644A47B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PingFederate Administrative Console dependency contains a weakness where console becomes unresponsive with crafted Java class loading enumeration requests\n"
},
{
"lang": "es",
"value": "La dependencia de la consola administrativa de PingFederate contiene una debilidad donde la consola deja de responder con solicitudes de enumeraci\u00f3n de carga de clases Java manipuladas"
}
],
"id": "CVE-2023-39219",
"lastModified": "2024-11-21T08:14:56.463",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 5.9,
"source": "responsible-disclosure@pingidentity.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-10-25T18:17:28.973",
"references": [
{
"source": "responsible-disclosure@pingidentity.com",
"tags": [
"Release Notes"
],
"url": "https://docs.pingidentity.com/r/en-us/pingfederate-113/gyk1689105783244"
},
{
"source": "responsible-disclosure@pingidentity.com",
"tags": [
"Product"
],
"url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://docs.pingidentity.com/r/en-us/pingfederate-113/gyk1689105783244"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
],
"url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html"
}
],
"sourceIdentifier": "responsible-disclosure@pingidentity.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "responsible-disclosure@pingidentity.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2023-37283
Vulnerability from fkie_nvd - Published: 2023-10-25 18:17 - Updated: 2024-11-21 08:11
Severity ?
8.1 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Under a very specific and highly unrecommended configuration, authentication bypass is possible in the PingFederate Identifier First Adapter
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| pingidentity | pingfederate | * | |
| pingidentity | pingfederate | * | |
| pingidentity | pingfederate | * | |
| pingidentity | pingfederate | 11.3.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:pingidentity:pingfederate:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1580F4CC-0AE6-4ABF-8EF5-2AF53973DBC7",
"versionEndIncluding": "10.3.12",
"versionStartIncluding": "10.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pingidentity:pingfederate:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7122A4D7-4BFF-4AA5-876B-CA325B3A2293",
"versionEndIncluding": "11.1.7",
"versionStartIncluding": "11.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pingidentity:pingfederate:*:*:*:*:*:*:*:*",
"matchCriteriaId": "116C42D0-F1AD-4C81-B17C-6114A83A091B",
"versionEndIncluding": "11.2.6",
"versionStartIncluding": "11.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pingidentity:pingfederate:11.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D4DEF0BF-4C46-4386-8C46-3687A644A47B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Under a very specific and highly unrecommended configuration, authentication bypass is possible in the PingFederate Identifier First Adapter\n"
},
{
"lang": "es",
"value": "Bajo una configuraci\u00f3n muy espec\u00edfica y altamente no recomendada, la omisi\u00f3n de autenticaci\u00f3n es posible en PingFederate Identifier First Adapter"
}
],
"id": "CVE-2023-37283",
"lastModified": "2024-11-21T08:11:23.580",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2,
"source": "responsible-disclosure@pingidentity.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-10-25T18:17:28.270",
"references": [
{
"source": "responsible-disclosure@pingidentity.com",
"tags": [
"Release Notes"
],
"url": "https://docs.pingidentity.com/r/en-us/pingfederate-113/gyk1689105783244"
},
{
"source": "responsible-disclosure@pingidentity.com",
"tags": [
"Product"
],
"url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://docs.pingidentity.com/r/en-us/pingfederate-113/gyk1689105783244"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
],
"url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html"
}
],
"sourceIdentifier": "responsible-disclosure@pingidentity.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "responsible-disclosure@pingidentity.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2023-34085
Vulnerability from fkie_nvd - Published: 2023-10-25 18:17 - Updated: 2024-11-21 08:06
Severity ?
2.6 (Low) - CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Summary
When an AWS DynamoDB table is used for user attribute storage, it is possible to retrieve the attributes of another user using a maliciously crafted request
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| pingidentity | pingfederate | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:pingidentity:pingfederate:*:*:*:*:*:*:*:*",
"matchCriteriaId": "94AC65E4-D19B-4D50-A109-B6DA1F15E7E8",
"versionEndIncluding": "11.3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "When an AWS DynamoDB table is used for user attribute storage, it is possible to retrieve the attributes of another user using a maliciously crafted request\n"
},
{
"lang": "es",
"value": "Cuando se utiliza una tabla de AWS DynamoDB para el almacenamiento de atributos de usuario, es posible recuperar los atributos de otro usuario mediante una solicitud manipulada con fines malintencionados."
}
],
"id": "CVE-2023-34085",
"lastModified": "2024-11-21T08:06:30.577",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 1.4,
"source": "responsible-disclosure@pingidentity.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-10-25T18:17:28.010",
"references": [
{
"source": "responsible-disclosure@pingidentity.com",
"tags": [
"Release Notes"
],
"url": "https://docs.pingidentity.com/r/en-us/pingfederate-113/gyk1689105783244"
},
{
"source": "responsible-disclosure@pingidentity.com",
"tags": [
"Release Notes"
],
"url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://docs.pingidentity.com/r/en-us/pingfederate-113/gyk1689105783244"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html"
}
],
"sourceIdentifier": "responsible-disclosure@pingidentity.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-359"
}
],
"source": "responsible-disclosure@pingidentity.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2022-40722
Vulnerability from fkie_nvd - Published: 2023-04-25 19:15 - Updated: 2024-11-21 07:21
Severity ?
7.7 (High) - CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N
5.8 (Medium) - CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:N
5.8 (Medium) - CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:N
Summary
A misconfiguration of RSA padding implemented in the PingID Adapter for PingFederate to support Offline MFA with PingID mobile authenticators is vulnerable to pre-computed dictionary attacks, leading to a bypass of offline MFA.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| pingidentity | pingfederate | * | |
| pingidentity | pingfederate | * | |
| pingidentity | pingid_adapter_for_pingfederate | * | |
| pingidentity | pingid_integration_kit | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:pingidentity:pingfederate:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4F085AB7-29E3-4CC6-88C6-49EF87B1E7E9",
"versionEndIncluding": "11.1.5",
"versionStartIncluding": "11.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pingidentity:pingfederate:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2F76BB82-2AE0-4330-84E7-BBFFABF030C0",
"versionEndIncluding": "11.2.2",
"versionStartIncluding": "11.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pingidentity:pingid_adapter_for_pingfederate:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9285EE82-E2F6-4C82-8F0E-2149B8652E71",
"versionEndExcluding": "2.13.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pingidentity:pingid_integration_kit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A0D3BE72-98EE-4FE4-BF80-CDD66F495AC1",
"versionEndExcluding": "2.24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A misconfiguration of RSA padding implemented in the PingID Adapter for PingFederate to support Offline MFA with PingID mobile authenticators is vulnerable to pre-computed dictionary attacks, leading to a bypass of offline MFA."
}
],
"id": "CVE-2022-40722",
"lastModified": "2024-11-21T07:21:56.117",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.3,
"impactScore": 5.8,
"source": "responsible-disclosure@pingidentity.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.3,
"impactScore": 4.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-04-25T19:15:10.240",
"references": [
{
"source": "responsible-disclosure@pingidentity.com",
"tags": [
"Product"
],
"url": "https://docs.pingidentity.com/r/en-us/pingid/pingid_adapter_configuring_offline_mfa"
},
{
"source": "responsible-disclosure@pingidentity.com",
"tags": [
"Release Notes"
],
"url": "https://docs.pingidentity.com/r/en-us/pingid/pingid_integration_kit_2_20_rn"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
],
"url": "https://docs.pingidentity.com/r/en-us/pingid/pingid_adapter_configuring_offline_mfa"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://docs.pingidentity.com/r/en-us/pingid/pingid_integration_kit_2_20_rn"
}
],
"sourceIdentifier": "responsible-disclosure@pingidentity.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-780"
}
],
"source": "responsible-disclosure@pingidentity.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-327"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2022-40723
Vulnerability from fkie_nvd - Published: 2023-04-25 19:15 - Updated: 2024-11-21 07:21
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Summary
The PingID RADIUS PCV adapter for PingFederate, which supports RADIUS authentication with PingID MFA, is vulnerable to MFA bypass under certain configurations.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| pingidentity | pingfederate | * | |
| pingidentity | pingfederate | * | |
| pingidentity | pingid_integration_kit | * | |
| pingidentity | radius_pcv | * | |
| pingidentity | radius_pcv | 2.10.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:pingidentity:pingfederate:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4F085AB7-29E3-4CC6-88C6-49EF87B1E7E9",
"versionEndIncluding": "11.1.5",
"versionStartIncluding": "11.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pingidentity:pingfederate:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2F76BB82-2AE0-4330-84E7-BBFFABF030C0",
"versionEndIncluding": "11.2.2",
"versionStartIncluding": "11.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pingidentity:pingid_integration_kit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A0D3BE72-98EE-4FE4-BF80-CDD66F495AC1",
"versionEndExcluding": "2.24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pingidentity:radius_pcv:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4A97675A-6B44-4AB9-AC7A-D67153A0273C",
"versionEndExcluding": "3.0.2",
"versionStartIncluding": "3.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pingidentity:radius_pcv:2.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "73EC03B9-23AE-4E5C-A7AD-44D10E3997FA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The PingID RADIUS PCV adapter for PingFederate, which supports RADIUS authentication with PingID MFA, is vulnerable to MFA bypass under certain configurations."
}
],
"id": "CVE-2022-40723",
"lastModified": "2024-11-21T07:21:56.260",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "responsible-disclosure@pingidentity.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-04-25T19:15:10.310",
"references": [
{
"source": "responsible-disclosure@pingidentity.com",
"tags": [
"Release Notes"
],
"url": "https://docs.pingidentity.com/r/en-us/pingid/pingid_integration_kit_2_19_rn"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://docs.pingidentity.com/r/en-us/pingid/pingid_integration_kit_2_19_rn"
}
],
"sourceIdentifier": "responsible-disclosure@pingidentity.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-305"
}
],
"source": "responsible-disclosure@pingidentity.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2022-40724
Vulnerability from fkie_nvd - Published: 2023-04-25 19:15 - Updated: 2024-11-21 07:21
Severity ?
6.4 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
The PingFederate Local Identity Profiles '/pf/idprofile.ping' endpoint is vulnerable to Cross-Site Request Forgery (CSRF) through crafted GET requests.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| pingidentity | pingfederate | * | |
| pingidentity | pingfederate | * | |
| pingidentity | pingfederate | * | |
| pingidentity | pingfederate | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:pingidentity:pingfederate:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D71A00D1-7F03-41CD-A62F-267D8EA85696",
"versionEndIncluding": "10.3.11",
"versionStartIncluding": "10.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pingidentity:pingfederate:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4E06480B-D92B-42C1-8A57-90E5F9229E15",
"versionEndIncluding": "11.0.6",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pingidentity:pingfederate:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4F085AB7-29E3-4CC6-88C6-49EF87B1E7E9",
"versionEndIncluding": "11.1.5",
"versionStartIncluding": "11.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pingidentity:pingfederate:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2F76BB82-2AE0-4330-84E7-BBFFABF030C0",
"versionEndIncluding": "11.2.2",
"versionStartIncluding": "11.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The PingFederate Local Identity Profiles \u0027/pf/idprofile.ping\u0027 endpoint is vulnerable to Cross-Site Request Forgery (CSRF) through crafted GET requests."
}
],
"id": "CVE-2022-40724",
"lastModified": "2024-11-21T07:21:56.407",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 4.7,
"source": "responsible-disclosure@pingidentity.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-04-25T19:15:10.383",
"references": [
{
"source": "responsible-disclosure@pingidentity.com",
"tags": [
"Release Notes"
],
"url": "https://docs.pingidentity.com/r/en-us/pingfederate-110/fll1675188537050"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://docs.pingidentity.com/r/en-us/pingfederate-110/fll1675188537050"
}
],
"sourceIdentifier": "responsible-disclosure@pingidentity.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-352"
}
],
"source": "responsible-disclosure@pingidentity.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-352"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2022-23722
Vulnerability from fkie_nvd - Published: 2022-05-02 22:15 - Updated: 2024-11-21 06:49
Severity ?
Summary
When a password reset mechanism is configured to use the Authentication API with an Authentication Policy, email One-Time Password, PingID or SMS authentication, an existing user can reset another existing user’s password.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| pingidentity | pingfederate | * | |
| pingidentity | pingfederate | * | |
| pingidentity | pingfederate | * | |
| pingidentity | pingfederate | * | |
| pingidentity | pingfederate | * | |
| pingidentity | pingfederate | 9.3.3 | |
| pingidentity | pingfederate | 11.0.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:pingidentity:pingfederate:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AF59C274-0837-41EF-BD03-B2C762B8AD2E",
"versionEndExcluding": "9.3.3",
"versionStartIncluding": "9.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pingidentity:pingfederate:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5C32AD2C-6B70-49E0-B4C1-829735EDBA35",
"versionEndExcluding": "10.0.12",
"versionStartIncluding": "10.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pingidentity:pingfederate:*:*:*:*:*:*:*:*",
"matchCriteriaId": "23194E8C-C2BD-4A0C-875D-BBF15679A0F1",
"versionEndExcluding": "10.1.9",
"versionStartIncluding": "10.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pingidentity:pingfederate:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0887EB34-CD7F-4A26-AEC5-DCC5DA07E795",
"versionEndExcluding": "10.2.7",
"versionStartIncluding": "10.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pingidentity:pingfederate:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EC079534-00BB-4965-88F1-D8FDF79FF35C",
"versionEndExcluding": "10.3.4",
"versionStartIncluding": "10.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pingidentity:pingfederate:9.3.3:p15:*:*:*:*:*:*",
"matchCriteriaId": "742ABDC8-3F6F-4D21-9FFE-BDF5F098FD60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pingidentity:pingfederate:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E04A442B-5726-4057-B6B3-7BB6021255AC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "When a password reset mechanism is configured to use the Authentication API with an Authentication Policy, email One-Time Password, PingID or SMS authentication, an existing user can reset another existing user\u2019s password."
},
{
"lang": "es",
"value": "Cuando un mecanismo de restablecimiento de contrase\u00f1a est\u00e1 configurado para usar la API de Autenticaci\u00f3n con una Pol\u00edtica de Autenticaci\u00f3n, una Contrase\u00f1a de Una sola vez por correo electr\u00f3nico, PingID o autenticaci\u00f3n por SMS, un usuario existente puede restablecer la contrase\u00f1a de otro usuario existente"
}
],
"id": "CVE-2022-23722",
"lastModified": "2024-11-21T06:49:10.940",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-05-02T22:15:09.647",
"references": [
{
"source": "responsible-disclosure@pingidentity.com",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://docs.pingidentity.com/bundle/pingfederate-110/page/spk1642790928508.html"
},
{
"source": "responsible-disclosure@pingidentity.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://docs.pingidentity.com/bundle/pingfederate-110/page/spk1642790928508.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html"
}
],
"sourceIdentifier": "responsible-disclosure@pingidentity.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-288"
}
],
"source": "responsible-disclosure@pingidentity.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2024-22377 (GCVE-0-2024-22377)
Vulnerability from cvelistv5 – Published: 2024-07-09 23:03 – Updated: 2024-08-01 22:43
VLAI?
Title
PingFederate Runtime Node Path Traversal
Summary
The deploy directory in PingFederate runtime nodes is reachable to unauthorized users.
Severity ?
5.3 (Medium)
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Ping Identity | PingFederate |
Affected:
11.0.0 , ≤ 11.0.9
(custom)
Affected: 11.1.0 , ≤ 11.1.9 (custom) Affected: 11.2.0 , ≤ 11.2.8 (custom) Affected: 11.3.0 , ≤ 11.3.4 (custom) Affected: 12.0.0 (custom) Affected: 10.3.0 , ≤ 10.3.13 (custom) |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:pingidentity:pingfederate:10.3.0:*:*:*:*:*:*:*",
"cpe:2.3:a:pingidentity:pingfederate:11.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:pingidentity:pingfederate:11.1.0:*:*:*:*:*:*:*",
"cpe:2.3:a:pingidentity:pingfederate:11.2.0:*:*:*:*:*:*:*",
"cpe:2.3:a:pingidentity:pingfederate:11.3.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "pingfederate",
"vendor": "pingidentity",
"versions": [
{
"lessThanOrEqual": "10.3.13",
"status": "affected",
"version": "10.3.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "11.0.9",
"status": "affected",
"version": "11.0.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "11.1.9",
"status": "affected",
"version": "11.1.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "11.2.8",
"status": "affected",
"version": "11.2.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "11.3.4",
"status": "affected",
"version": "11.3.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:pingidentity:pingfederate:12.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "pingfederate",
"vendor": "pingidentity",
"versions": [
{
"status": "affected",
"version": "12.0.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-22377",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-15T13:15:10.302158Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-23T16:13:24.203Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:43:34.512Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://docs.pingidentity.com/r/en-us/pingfederate-120/lwu1707324350083"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html",
"defaultStatus": "unaffected",
"product": "PingFederate",
"vendor": "Ping Identity",
"versions": [
{
"lessThanOrEqual": "11.0.9",
"status": "affected",
"version": "11.0.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "11.1.9",
"status": "affected",
"version": "11.1.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "11.2.8",
"status": "affected",
"version": "11.2.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "11.3.4",
"status": "affected",
"version": "11.3.0",
"versionType": "custom"
},
{
"status": "affected",
"version": "12.0.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "10.3.13",
"status": "affected",
"version": "10.3.0",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "All instances of PingFederate on vulnerable versions are vulnerable to this issue.\u003cbr\u003e"
}
],
"value": "All instances of PingFederate on vulnerable versions are vulnerable to this issue."
}
],
"datePublic": "2024-07-09T22:27:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The deploy directory in PingFederate runtime nodes is reachable to unauthorized users.\u003cbr\u003e"
}
],
"value": "The deploy directory in PingFederate runtime nodes is reachable to unauthorized users."
}
],
"impacts": [
{
"capecId": "CAPEC-126",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-126 Path Traversal"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-09T23:03:27.722Z",
"orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"shortName": "Ping Identity"
},
"references": [
{
"url": "https://docs.pingidentity.com/r/en-us/pingfederate-120/lwu1707324350083"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "PingFederate Runtime Node Path Traversal",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The deploy directory can be restricted by making changes to runtime jetty configuration.\u0026nbsp;\u0026nbsp;\u003cbr\u003e"
}
],
"value": "The deploy directory can be restricted by making changes to runtime jetty configuration."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"assignerShortName": "Ping Identity",
"cveId": "CVE-2024-22377",
"datePublished": "2024-07-09T23:03:27.722Z",
"dateReserved": "2024-01-17T17:27:24.578Z",
"dateUpdated": "2024-08-01T22:43:34.512Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-22477 (GCVE-0-2024-22477)
Vulnerability from cvelistv5 – Published: 2024-07-09 23:01 – Updated: 2024-08-01 22:51
VLAI?
Title
PingFederate OIDC Policy Management Editor Cross-Site Scripting
Summary
A cross-site scripting vulnerability exists in the admin console OIDC Policy Management Editor. The impact is contained to admin console users only.
Severity ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Ping Identity | PingFederate |
Affected:
11.0.0 , ≤ 11.0.9
(custom)
Affected: 11.1.0 , ≤ 11.1.9 (custom) Affected: 11.2.0 , ≤ 11.2.8 (custom) Affected: 11.3.0 , ≤ 11.3.4 (custom) Affected: 12.0.0 (custom) Affected: 10.3.0 , ≤ 10.3.13 (custom) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-22477",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-10T13:29:31.833138Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-10T13:30:14.614Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:51:09.905Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://docs.pingidentity.com/r/en-us/pingfederate-120/lwu1707324350083"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html",
"defaultStatus": "unaffected",
"product": "PingFederate",
"vendor": "Ping Identity",
"versions": [
{
"lessThanOrEqual": "11.0.9",
"status": "affected",
"version": "11.0.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "11.1.9",
"status": "affected",
"version": "11.1.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "11.2.8",
"status": "affected",
"version": "11.2.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "11.3.4",
"status": "affected",
"version": "11.3.0",
"versionType": "custom"
},
{
"status": "affected",
"version": "12.0.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "10.3.13",
"status": "affected",
"version": "10.3.0",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "All instances of PingFederate on vulnerable versions are vulnerable to this issue.\u003cbr\u003e"
}
],
"value": "All instances of PingFederate on vulnerable versions are vulnerable to this issue."
}
],
"datePublic": "2024-07-09T22:27:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A cross-site scripting vulnerability exists in the admin console OIDC Policy Management Editor. The impact is contained to admin console users only.\u003cbr\u003e"
}
],
"value": "A cross-site scripting vulnerability exists in the admin console OIDC Policy Management Editor. The impact is contained to admin console users only."
}
],
"impacts": [
{
"capecId": "CAPEC-592",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-592 Stored XSS"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 1.8,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-09T23:01:28.611Z",
"orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"shortName": "Ping Identity"
},
"references": [
{
"url": "https://docs.pingidentity.com/r/en-us/pingfederate-120/lwu1707324350083"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "PingFederate OIDC Policy Management Editor Cross-Site Scripting",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"assignerShortName": "Ping Identity",
"cveId": "CVE-2024-22477",
"datePublished": "2024-07-09T23:01:28.611Z",
"dateReserved": "2024-01-17T17:27:24.603Z",
"dateUpdated": "2024-08-01T22:51:09.905Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-40545 (GCVE-0-2023-40545)
Vulnerability from cvelistv5 – Published: 2024-02-06 17:27 – Updated: 2024-08-22 16:53
VLAI?
Title
PingFederate OAuth client_secret_jwt Authentication Bypass
Summary
Authentication bypass when an OAuth2 Client is using client_secret_jwt as its authentication method on affected 11.3 versions via specially crafted requests.
Severity ?
8.8 (High)
CWE
- CWE-306 - Missing Authentication for Critical Function
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Ping Identity | PingFederate |
Affected:
11.3.0 , ≤ 11.3.2
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:38:50.649Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.pingidentity.com/s/article/SECADV040-PingFederate-OAuth-Client-Authentication-Bypass"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.pingidentity.com/en/resources/downloads/pingfederate/previous-releases.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://docs.pingidentity.com/r/en-us/pingfederate-113/hro1701116403236"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:pingidentity:pingfederate:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "pingfederate",
"vendor": "pingidentity",
"versions": [
{
"lessThanOrEqual": "11.3.2",
"status": "affected",
"version": "11.3.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-40545",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-22T16:50:41.466461Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-22T16:53:12.079Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PingFederate",
"vendor": "Ping Identity",
"versions": [
{
"lessThanOrEqual": "11.3.2",
"status": "affected",
"version": "11.3.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAuthentication\u0026nbsp;bypass when an OAuth2 Client is using client_secret_jwt as its authentication method on affected 11.3 versions via specially crafted requests.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Authentication\u00a0bypass when an OAuth2 Client is using client_secret_jwt as its authentication method on affected 11.3 versions via specially crafted requests.\n"
}
],
"impacts": [
{
"capecId": "CAPEC-115",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-115 Authentication Bypass"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306 Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-06T17:28:00.505Z",
"orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"shortName": "Ping Identity"
},
"references": [
{
"url": "https://support.pingidentity.com/s/article/SECADV040-PingFederate-OAuth-Client-Authentication-Bypass"
},
{
"url": "https://www.pingidentity.com/en/resources/downloads/pingfederate/previous-releases.html"
},
{
"url": "https://docs.pingidentity.com/r/en-us/pingfederate-113/hro1701116403236"
}
],
"source": {
"advisory": "SECADV040",
"defect": [
"PF-34645"
],
"discovery": "UNKNOWN"
},
"title": "PingFederate OAuth client_secret_jwt Authentication Bypass",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"assignerShortName": "Ping Identity",
"cveId": "CVE-2023-40545",
"datePublished": "2024-02-06T17:27:42.361Z",
"dateReserved": "2023-08-25T16:59:38.674Z",
"dateUpdated": "2024-08-22T16:53:12.079Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-34085 (GCVE-0-2023-34085)
Vulnerability from cvelistv5 – Published: 2023-10-25 02:03 – Updated: 2024-09-10 15:05
VLAI?
Title
User Attribute Disclosure via DynamoDB Data Stores
Summary
When an AWS DynamoDB table is used for user attribute storage, it is possible to retrieve the attributes of another user using a maliciously crafted request
Severity ?
CWE
- CWE-359 - Exposure of Private Personal Information to an Unauthorized Actor
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Ping Identity | PingFederate |
Affected:
11.3 , ≤ 11.3.0
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:01:53.879Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://docs.pingidentity.com/r/en-us/pingfederate-113/gyk1689105783244"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-34085",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T15:00:49.766852Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T15:05:08.099Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PingFederate",
"vendor": "Ping Identity",
"versions": [
{
"lessThanOrEqual": "11.3.0",
"status": "affected",
"version": "11.3",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "AWS DynamoDB as user attribute store"
}
],
"value": "AWS DynamoDB as user attribute store"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: transparent;\"\u003eWhen an AWS DynamoDB table is used for user attribute storage, it is possible to retrieve the attributes of another user using a maliciously crafted request\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "When an AWS DynamoDB table is used for user attribute storage, it is possible to retrieve the attributes of another user using a maliciously crafted request\n"
}
],
"impacts": [
{
"capecId": "CAPEC-153",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-153 Input Data Manipulation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-359",
"description": "CWE-359: Exposure of Private Personal Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-25T02:03:56.433Z",
"orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"shortName": "Ping Identity"
},
"references": [
{
"url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html"
},
{
"url": "https://docs.pingidentity.com/r/en-us/pingfederate-113/gyk1689105783244"
}
],
"source": {
"advisory": "SECADV037",
"defect": [
"PF-33935"
],
"discovery": "INTERNAL"
},
"title": "User Attribute Disclosure via DynamoDB Data Stores",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"assignerShortName": "Ping Identity",
"cveId": "CVE-2023-34085",
"datePublished": "2023-10-25T02:03:56.433Z",
"dateReserved": "2023-07-25T20:13:14.876Z",
"dateUpdated": "2024-09-10T15:05:08.099Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-39219 (GCVE-0-2023-39219)
Vulnerability from cvelistv5 – Published: 2023-10-25 01:44 – Updated: 2025-06-12 14:58
VLAI?
Title
Admin Console Denial of Service via Java class enumeration
Summary
PingFederate Administrative Console dependency contains a weakness where console becomes unresponsive with crafted Java class loading enumeration requests
Severity ?
7.5 (High)
CWE
- CWE-400 - Uncontrolled Resource Consumption
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Ping Identity | PingFederate |
Affected:
11.3 , ≤ 11.3.0
(custom)
Affected: 11.2.0 , ≤ 11.2.6 (custom) Affected: 11.1.0 , ≤ 11.1.7 (custom) Affected: 10.3.0 , ≤ 10.3.12 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:02:06.169Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://docs.pingidentity.com/r/en-us/pingfederate-113/gyk1689105783244"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-39219",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-12T14:58:09.523502Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-12T14:58:40.168Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PingFederate",
"vendor": "Ping Identity",
"versions": [
{
"lessThanOrEqual": "11.3.0",
"status": "affected",
"version": "11.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "11.2.6",
"status": "affected",
"version": "11.2.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "11.1.7",
"status": "affected",
"version": "11.1.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "10.3.12",
"status": "affected",
"version": "10.3.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ePingFederate Administrative Console dependency contains a weakness where console becomes unresponsive with crafted Java class loading enumeration requests\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "PingFederate Administrative Console dependency contains a weakness where console becomes unresponsive with crafted Java class loading enumeration requests\n"
}
],
"impacts": [
{
"capecId": "CAPEC-131",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-131 Resource Leak Exposure"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400: Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-25T01:44:44.362Z",
"orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"shortName": "Ping Identity"
},
"references": [
{
"url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html"
},
{
"url": "https://docs.pingidentity.com/r/en-us/pingfederate-113/gyk1689105783244"
}
],
"source": {
"advisory": "SECADV037",
"defect": [
"PF-33449"
],
"discovery": "EXTERNAL"
},
"title": "Admin Console Denial of Service via Java class enumeration",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"assignerShortName": "Ping Identity",
"cveId": "CVE-2023-39219",
"datePublished": "2023-10-25T01:44:44.362Z",
"dateReserved": "2023-07-25T20:13:14.871Z",
"dateUpdated": "2025-06-12T14:58:40.168Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-37283 (GCVE-0-2023-37283)
Vulnerability from cvelistv5 – Published: 2023-10-25 01:24 – Updated: 2024-08-02 17:09
VLAI?
Title
Authentication Bypass via HTML Form & Identifier First Adapter
Summary
Under a very specific and highly unrecommended configuration, authentication bypass is possible in the PingFederate Identifier First Adapter
Severity ?
8.1 (High)
CWE
- CWE-287 - Improper Authentication
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Ping Identity | PingFederate |
Affected:
11.3 , ≤ 11.3.0
(custom)
Affected: 11.2.0 , ≤ 11.2.6 (custom) Affected: 11.1.0 , ≤ 11.1.7 (custom) Affected: 10.3.0 , ≤ 10.3.12 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:09:34.014Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://docs.pingidentity.com/r/en-us/pingfederate-113/gyk1689105783244"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PingFederate",
"vendor": "Ping Identity",
"versions": [
{
"lessThanOrEqual": "11.3.0",
"status": "affected",
"version": "11.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "11.2.6",
"status": "affected",
"version": "11.2.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "11.1.7",
"status": "affected",
"version": "11.1.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "10.3.12",
"status": "affected",
"version": "10.3.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUnder a very specific and highly unrecommended configuration, authentication bypass is possible in the PingFederate Identifier First Adapter\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Under a very specific and highly unrecommended configuration, authentication bypass is possible in the PingFederate Identifier First Adapter\n"
}
],
"impacts": [
{
"capecId": "CAPEC-115",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-115 Authentication Bypass"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-25T01:24:47.780Z",
"orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"shortName": "Ping Identity"
},
"references": [
{
"url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html"
},
{
"url": "https://docs.pingidentity.com/r/en-us/pingfederate-113/gyk1689105783244"
}
],
"source": {
"advisory": "SECADV037",
"defect": [
"PF-34017"
],
"discovery": "EXTERNAL"
},
"title": "Authentication Bypass via HTML Form \u0026 Identifier First Adapter",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"assignerShortName": "Ping Identity",
"cveId": "CVE-2023-37283",
"datePublished": "2023-10-25T01:24:47.780Z",
"dateReserved": "2023-07-25T20:13:14.866Z",
"dateUpdated": "2024-08-02T17:09:34.014Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-40722 (GCVE-0-2022-40722)
Vulnerability from cvelistv5 – Published: 2023-04-25 00:00 – Updated: 2025-02-04 14:49
VLAI?
Title
Misconfiguration of RSA padding for offline MFA in the PingID Adapter for PingFederate.
Summary
A misconfiguration of RSA padding implemented in the PingID Adapter for PingFederate to support Offline MFA with PingID mobile authenticators is vulnerable to pre-computed dictionary attacks, leading to a bypass of offline MFA.
Severity ?
7.7 (High)
CWE
- CWE-780 - Use of RSA Algorithm without OAEP
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Ping Identity | PingID Adapter for PingFederate |
Affected:
2.13.2 , < 2.13.2
(custom)
|
||||||||||||
|
||||||||||||||
Credits
Ping Identity credits The Commonwealth Bank of Australia for the discovery of this vulnerability.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T12:21:46.770Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://docs.pingidentity.com/r/en-us/pingid/pingid_integration_kit_2_20_rn"
},
{
"tags": [
"x_transferred"
],
"url": "https://docs.pingidentity.com/r/en-us/pingid/pingid_adapter_configuring_offline_mfa"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-40722",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-04T14:49:10.680225Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-04T14:49:20.723Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "PingID Adapter for PingFederate",
"vendor": "Ping Identity",
"versions": [
{
"lessThan": "2.13.2",
"status": "affected",
"version": "2.13.2",
"versionType": "custom"
}
]
},
{
"product": "PingID Integration Kit (includes PingID Adapter)",
"vendor": "Ping Identity",
"versions": [
{
"lessThan": "2.24",
"status": "affected",
"version": "2.24",
"versionType": "custom"
}
]
},
{
"product": "PingFederate (includes PingID Adapter)",
"vendor": "Ping Identity",
"versions": [
{
"lessThan": "11.1.0*",
"status": "affected",
"version": "11.1.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "11.1.5",
"status": "affected",
"version": "11.1.5",
"versionType": "custom"
},
{
"lessThan": "11.2.0*",
"status": "affected",
"version": "11.2.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "11.2.2",
"status": "affected",
"version": "11.2.2",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Ping Identity credits The Commonwealth Bank of Australia for the discovery of this vulnerability."
}
],
"descriptions": [
{
"lang": "en",
"value": "A misconfiguration of RSA padding implemented in the PingID Adapter for PingFederate to support Offline MFA with PingID mobile authenticators is vulnerable to pre-computed dictionary attacks, leading to a bypass of offline MFA."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-780",
"description": "CWE-780 Use of RSA Algorithm without OAEP",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-25T00:00:00.000Z",
"orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"shortName": "Ping Identity"
},
"references": [
{
"url": "https://docs.pingidentity.com/r/en-us/pingid/pingid_integration_kit_2_20_rn"
},
{
"url": "https://docs.pingidentity.com/r/en-us/pingid/pingid_adapter_configuring_offline_mfa"
}
],
"source": {
"advisory": "SECADV035",
"defect": [
"PIM-2677"
],
"discovery": "INTERNAL"
},
"title": "Misconfiguration of RSA padding for offline MFA in the PingID Adapter for PingFederate."
}
},
"cveMetadata": {
"assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"assignerShortName": "Ping Identity",
"cveId": "CVE-2022-40722",
"datePublished": "2023-04-25T00:00:00.000Z",
"dateReserved": "2022-09-14T00:00:00.000Z",
"dateUpdated": "2025-02-04T14:49:20.723Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-40723 (GCVE-0-2022-40723)
Vulnerability from cvelistv5 – Published: 2023-04-25 00:00 – Updated: 2025-02-04 14:48
VLAI?
Title
Configuration-based MFA Bypass in PingID RADIUS PCV.
Summary
The PingID RADIUS PCV adapter for PingFederate, which supports RADIUS authentication with PingID MFA, is vulnerable to MFA bypass under certain configurations.
Severity ?
CWE
- CWE-305 - Authentication Bypass by Primary Weakness
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Ping Identity | PingID Radius PCV |
Affected:
2.10.0
Affected: 3.0.0 , < 3.0.0* (custom) Affected: 3.0.2 , ≤ 3.0.2 (custom) |
||||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T12:21:46.787Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://docs.pingidentity.com/r/en-us/pingid/pingid_integration_kit_2_19_rn"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-40723",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-04T14:48:50.451839Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-04T14:48:54.313Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "PingID Radius PCV",
"vendor": "Ping Identity",
"versions": [
{
"status": "affected",
"version": "2.10.0"
},
{
"lessThan": "3.0.0*",
"status": "affected",
"version": "3.0.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "3.0.2",
"status": "affected",
"version": "3.0.2",
"versionType": "custom"
}
]
},
{
"product": "PingID Integration Kit (includes Radius PCV)",
"vendor": "Ping Identity",
"versions": [
{
"lessThan": "2.24",
"status": "affected",
"version": "2.24",
"versionType": "custom"
}
]
},
{
"product": "PingFederate (includes Radius PCV)",
"vendor": "Ping Identity",
"versions": [
{
"lessThan": "11.1.0*",
"status": "affected",
"version": "11.1.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "11.1.5",
"status": "affected",
"version": "11.1.5",
"versionType": "custom"
},
{
"lessThan": "11.2.0*",
"status": "affected",
"version": "11.2.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "11.2.2",
"status": "affected",
"version": "11.2.2",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The PingID RADIUS PCV adapter for PingFederate, which supports RADIUS authentication with PingID MFA, is vulnerable to MFA bypass under certain configurations."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitCodeMaturity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"remediationLevel": "UNAVAILABLE",
"reportConfidence": "CONFIRMED",
"scope": "UNCHANGED",
"temporalScore": 6.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:H/RL:U/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-305",
"description": "CWE-305 Authentication Bypass by Primary Weakness",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-25T00:00:00.000Z",
"orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"shortName": "Ping Identity"
},
"references": [
{
"url": "https://docs.pingidentity.com/r/en-us/pingid/pingid_integration_kit_2_19_rn"
}
],
"source": {
"advisory": "SECADV035",
"defect": [
"PIM-3774"
],
"discovery": "INTERNAL"
},
"title": "Configuration-based MFA Bypass in PingID RADIUS PCV."
}
},
"cveMetadata": {
"assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"assignerShortName": "Ping Identity",
"cveId": "CVE-2022-40723",
"datePublished": "2023-04-25T00:00:00.000Z",
"dateReserved": "2022-09-14T00:00:00.000Z",
"dateUpdated": "2025-02-04T14:48:54.313Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-40724 (GCVE-0-2022-40724)
Vulnerability from cvelistv5 – Published: 2023-04-25 00:00 – Updated: 2025-02-04 14:48
VLAI?
Title
Cross-Site Request Forgery on PingFederate Local Identity Profiles Endpoint.
Summary
The PingFederate Local Identity Profiles '/pf/idprofile.ping' endpoint is vulnerable to Cross-Site Request Forgery (CSRF) through crafted GET requests.
Severity ?
CWE
- CWE-352 - Cross-Site Request Forgery
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Ping Identity | PingFederate |
Affected:
10.3.0 , < 10.3.0*
(custom)
Affected: 10.3.11 , ≤ 10.3.11 (custom) Affected: 11.0.0 , < 11.0.0* (custom) Affected: 11.0.6 , ≤ 11.0.6 (custom) Affected: 11.1.0 , < 11.1.0* (custom) Affected: 11.1.5 , ≤ 11.1.5 (custom) Affected: 11.2.0 , < 11.2.0* (custom) Affected: 11.2.2 , ≤ 11.2.2 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T12:21:46.720Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://docs.pingidentity.com/r/en-us/pingfederate-110/fll1675188537050"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-40724",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-04T14:48:27.864493Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-04T14:48:33.050Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "PingFederate",
"vendor": "Ping Identity",
"versions": [
{
"lessThan": "10.3.0*",
"status": "affected",
"version": "10.3.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "10.3.11",
"status": "affected",
"version": "10.3.11",
"versionType": "custom"
},
{
"lessThan": "11.0.0*",
"status": "affected",
"version": "11.0.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "11.0.6",
"status": "affected",
"version": "11.0.6",
"versionType": "custom"
},
{
"lessThan": "11.1.0*",
"status": "affected",
"version": "11.1.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "11.1.5",
"status": "affected",
"version": "11.1.5",
"versionType": "custom"
},
{
"lessThan": "11.2.0*",
"status": "affected",
"version": "11.2.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "11.2.2",
"status": "affected",
"version": "11.2.2",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The PingFederate Local Identity Profiles \u0027/pf/idprofile.ping\u0027 endpoint is vulnerable to Cross-Site Request Forgery (CSRF) through crafted GET requests."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitCodeMaturity": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"remediationLevel": "UNAVAILABLE",
"reportConfidence": "CONFIRMED",
"scope": "UNCHANGED",
"temporalScore": 6.4,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:H/E:H/RL:U/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-352",
"description": "CWE-352 Cross-Site Request Forgery",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-25T00:00:00.000Z",
"orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"shortName": "Ping Identity"
},
"references": [
{
"url": "https://docs.pingidentity.com/r/en-us/pingfederate-110/fll1675188537050"
}
],
"source": {
"advisory": "SECADV033",
"defect": [
"PF-32805"
],
"discovery": "INTERNAL"
},
"title": "Cross-Site Request Forgery on PingFederate Local Identity Profiles Endpoint."
}
},
"cveMetadata": {
"assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"assignerShortName": "Ping Identity",
"cveId": "CVE-2022-40724",
"datePublished": "2023-04-25T00:00:00.000Z",
"dateReserved": "2022-09-14T00:00:00.000Z",
"dateUpdated": "2025-02-04T14:48:33.050Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-23722 (GCVE-0-2022-23722)
Vulnerability from cvelistv5 – Published: 2022-05-02 22:05 – Updated: 2024-08-03 03:51
VLAI?
Title
PingFederate Password Reset via Authentication API Mishandling
Summary
When a password reset mechanism is configured to use the Authentication API with an Authentication Policy, email One-Time Password, PingID or SMS authentication, an existing user can reset another existing user’s password.
Severity ?
No CVSS data available.
CWE
- CWE-288 - Authentication Bypass Using an Alternate Path or Channel
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Ping Identity | PingFederate |
Affected:
11.0 , ≤ 11.0
(custom)
Affected: 10.3 , ≤ 10.3.4 (custom) Affected: 10.2 , ≤ 10.2.7 (custom) Affected: 10.1 , ≤ 10.1.9 (custom) Affected: 10.0 , ≤ 10.0.12 (custom) Affected: 9.3 , ≤ 9.3.3P16 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:51:46.174Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://docs.pingidentity.com/bundle/pingfederate-110/page/spk1642790928508.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "PingFederate",
"vendor": "Ping Identity",
"versions": [
{
"lessThanOrEqual": "11.0",
"status": "affected",
"version": "11.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "10.3.4",
"status": "affected",
"version": "10.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "10.2.7",
"status": "affected",
"version": "10.2",
"versionType": "custom"
},
{
"lessThanOrEqual": "10.1.9",
"status": "affected",
"version": "10.1",
"versionType": "custom"
},
{
"lessThanOrEqual": "10.0.12",
"status": "affected",
"version": "10.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "9.3.3P16",
"status": "affected",
"version": "9.3",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "When a password reset mechanism is configured to use the Authentication API with an Authentication Policy, email One-Time Password, PingID or SMS authentication, an existing user can reset another existing user\u2019s password."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-288",
"description": "CWE-288 Authentication Bypass Using an Alternate Path or Channel",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-02T22:05:13",
"orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"shortName": "Ping Identity"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://docs.pingidentity.com/bundle/pingfederate-110/page/spk1642790928508.html"
}
],
"source": {
"advisory": "SECBL021",
"defect": [
"PF-30450"
],
"discovery": "INTERNAL"
},
"title": "PingFederate Password Reset via Authentication API Mishandling",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "responsible-disclosure@pingidentity.com",
"ID": "CVE-2022-23722",
"STATE": "PUBLIC",
"TITLE": "PingFederate Password Reset via Authentication API Mishandling"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "PingFederate",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "11.0",
"version_value": "11.0"
},
{
"version_affected": "\u003c=",
"version_name": "10.3",
"version_value": "10.3.4"
},
{
"version_affected": "\u003c=",
"version_name": "10.2",
"version_value": "10.2.7"
},
{
"version_affected": "\u003c=",
"version_name": "10.1",
"version_value": "10.1.9"
},
{
"version_affected": "\u003c=",
"version_name": "10.0",
"version_value": "10.0.12"
},
{
"version_affected": "\u003c=",
"version_name": "9.3",
"version_value": "9.3.3P16"
}
]
}
}
]
},
"vendor_name": "Ping Identity"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "When a password reset mechanism is configured to use the Authentication API with an Authentication Policy, email One-Time Password, PingID or SMS authentication, an existing user can reset another existing user\u2019s password."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-288 Authentication Bypass Using an Alternate Path or Channel"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html",
"refsource": "MISC",
"url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html"
},
{
"name": "https://docs.pingidentity.com/bundle/pingfederate-110/page/spk1642790928508.html",
"refsource": "MISC",
"url": "https://docs.pingidentity.com/bundle/pingfederate-110/page/spk1642790928508.html"
}
]
},
"source": {
"advisory": "SECBL021",
"defect": [
"PF-30450"
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"assignerShortName": "Ping Identity",
"cveId": "CVE-2022-23722",
"datePublished": "2022-05-02T22:05:13",
"dateReserved": "2022-01-19T00:00:00",
"dateUpdated": "2024-08-03T03:51:46.174Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-22377 (GCVE-0-2024-22377)
Vulnerability from nvd – Published: 2024-07-09 23:03 – Updated: 2024-08-01 22:43
VLAI?
Title
PingFederate Runtime Node Path Traversal
Summary
The deploy directory in PingFederate runtime nodes is reachable to unauthorized users.
Severity ?
5.3 (Medium)
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Ping Identity | PingFederate |
Affected:
11.0.0 , ≤ 11.0.9
(custom)
Affected: 11.1.0 , ≤ 11.1.9 (custom) Affected: 11.2.0 , ≤ 11.2.8 (custom) Affected: 11.3.0 , ≤ 11.3.4 (custom) Affected: 12.0.0 (custom) Affected: 10.3.0 , ≤ 10.3.13 (custom) |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:pingidentity:pingfederate:10.3.0:*:*:*:*:*:*:*",
"cpe:2.3:a:pingidentity:pingfederate:11.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:pingidentity:pingfederate:11.1.0:*:*:*:*:*:*:*",
"cpe:2.3:a:pingidentity:pingfederate:11.2.0:*:*:*:*:*:*:*",
"cpe:2.3:a:pingidentity:pingfederate:11.3.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "pingfederate",
"vendor": "pingidentity",
"versions": [
{
"lessThanOrEqual": "10.3.13",
"status": "affected",
"version": "10.3.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "11.0.9",
"status": "affected",
"version": "11.0.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "11.1.9",
"status": "affected",
"version": "11.1.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "11.2.8",
"status": "affected",
"version": "11.2.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "11.3.4",
"status": "affected",
"version": "11.3.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:pingidentity:pingfederate:12.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "pingfederate",
"vendor": "pingidentity",
"versions": [
{
"status": "affected",
"version": "12.0.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-22377",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-15T13:15:10.302158Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-23T16:13:24.203Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:43:34.512Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://docs.pingidentity.com/r/en-us/pingfederate-120/lwu1707324350083"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html",
"defaultStatus": "unaffected",
"product": "PingFederate",
"vendor": "Ping Identity",
"versions": [
{
"lessThanOrEqual": "11.0.9",
"status": "affected",
"version": "11.0.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "11.1.9",
"status": "affected",
"version": "11.1.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "11.2.8",
"status": "affected",
"version": "11.2.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "11.3.4",
"status": "affected",
"version": "11.3.0",
"versionType": "custom"
},
{
"status": "affected",
"version": "12.0.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "10.3.13",
"status": "affected",
"version": "10.3.0",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "All instances of PingFederate on vulnerable versions are vulnerable to this issue.\u003cbr\u003e"
}
],
"value": "All instances of PingFederate on vulnerable versions are vulnerable to this issue."
}
],
"datePublic": "2024-07-09T22:27:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The deploy directory in PingFederate runtime nodes is reachable to unauthorized users.\u003cbr\u003e"
}
],
"value": "The deploy directory in PingFederate runtime nodes is reachable to unauthorized users."
}
],
"impacts": [
{
"capecId": "CAPEC-126",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-126 Path Traversal"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-09T23:03:27.722Z",
"orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"shortName": "Ping Identity"
},
"references": [
{
"url": "https://docs.pingidentity.com/r/en-us/pingfederate-120/lwu1707324350083"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "PingFederate Runtime Node Path Traversal",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The deploy directory can be restricted by making changes to runtime jetty configuration.\u0026nbsp;\u0026nbsp;\u003cbr\u003e"
}
],
"value": "The deploy directory can be restricted by making changes to runtime jetty configuration."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"assignerShortName": "Ping Identity",
"cveId": "CVE-2024-22377",
"datePublished": "2024-07-09T23:03:27.722Z",
"dateReserved": "2024-01-17T17:27:24.578Z",
"dateUpdated": "2024-08-01T22:43:34.512Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-22477 (GCVE-0-2024-22477)
Vulnerability from nvd – Published: 2024-07-09 23:01 – Updated: 2024-08-01 22:51
VLAI?
Title
PingFederate OIDC Policy Management Editor Cross-Site Scripting
Summary
A cross-site scripting vulnerability exists in the admin console OIDC Policy Management Editor. The impact is contained to admin console users only.
Severity ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Ping Identity | PingFederate |
Affected:
11.0.0 , ≤ 11.0.9
(custom)
Affected: 11.1.0 , ≤ 11.1.9 (custom) Affected: 11.2.0 , ≤ 11.2.8 (custom) Affected: 11.3.0 , ≤ 11.3.4 (custom) Affected: 12.0.0 (custom) Affected: 10.3.0 , ≤ 10.3.13 (custom) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-22477",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-10T13:29:31.833138Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-10T13:30:14.614Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:51:09.905Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://docs.pingidentity.com/r/en-us/pingfederate-120/lwu1707324350083"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html",
"defaultStatus": "unaffected",
"product": "PingFederate",
"vendor": "Ping Identity",
"versions": [
{
"lessThanOrEqual": "11.0.9",
"status": "affected",
"version": "11.0.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "11.1.9",
"status": "affected",
"version": "11.1.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "11.2.8",
"status": "affected",
"version": "11.2.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "11.3.4",
"status": "affected",
"version": "11.3.0",
"versionType": "custom"
},
{
"status": "affected",
"version": "12.0.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "10.3.13",
"status": "affected",
"version": "10.3.0",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "All instances of PingFederate on vulnerable versions are vulnerable to this issue.\u003cbr\u003e"
}
],
"value": "All instances of PingFederate on vulnerable versions are vulnerable to this issue."
}
],
"datePublic": "2024-07-09T22:27:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A cross-site scripting vulnerability exists in the admin console OIDC Policy Management Editor. The impact is contained to admin console users only.\u003cbr\u003e"
}
],
"value": "A cross-site scripting vulnerability exists in the admin console OIDC Policy Management Editor. The impact is contained to admin console users only."
}
],
"impacts": [
{
"capecId": "CAPEC-592",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-592 Stored XSS"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 1.8,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-09T23:01:28.611Z",
"orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"shortName": "Ping Identity"
},
"references": [
{
"url": "https://docs.pingidentity.com/r/en-us/pingfederate-120/lwu1707324350083"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "PingFederate OIDC Policy Management Editor Cross-Site Scripting",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"assignerShortName": "Ping Identity",
"cveId": "CVE-2024-22477",
"datePublished": "2024-07-09T23:01:28.611Z",
"dateReserved": "2024-01-17T17:27:24.603Z",
"dateUpdated": "2024-08-01T22:51:09.905Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-40545 (GCVE-0-2023-40545)
Vulnerability from nvd – Published: 2024-02-06 17:27 – Updated: 2024-08-22 16:53
VLAI?
Title
PingFederate OAuth client_secret_jwt Authentication Bypass
Summary
Authentication bypass when an OAuth2 Client is using client_secret_jwt as its authentication method on affected 11.3 versions via specially crafted requests.
Severity ?
8.8 (High)
CWE
- CWE-306 - Missing Authentication for Critical Function
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Ping Identity | PingFederate |
Affected:
11.3.0 , ≤ 11.3.2
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:38:50.649Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.pingidentity.com/s/article/SECADV040-PingFederate-OAuth-Client-Authentication-Bypass"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.pingidentity.com/en/resources/downloads/pingfederate/previous-releases.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://docs.pingidentity.com/r/en-us/pingfederate-113/hro1701116403236"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:pingidentity:pingfederate:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "pingfederate",
"vendor": "pingidentity",
"versions": [
{
"lessThanOrEqual": "11.3.2",
"status": "affected",
"version": "11.3.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-40545",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-22T16:50:41.466461Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-22T16:53:12.079Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PingFederate",
"vendor": "Ping Identity",
"versions": [
{
"lessThanOrEqual": "11.3.2",
"status": "affected",
"version": "11.3.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAuthentication\u0026nbsp;bypass when an OAuth2 Client is using client_secret_jwt as its authentication method on affected 11.3 versions via specially crafted requests.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Authentication\u00a0bypass when an OAuth2 Client is using client_secret_jwt as its authentication method on affected 11.3 versions via specially crafted requests.\n"
}
],
"impacts": [
{
"capecId": "CAPEC-115",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-115 Authentication Bypass"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306 Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-06T17:28:00.505Z",
"orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"shortName": "Ping Identity"
},
"references": [
{
"url": "https://support.pingidentity.com/s/article/SECADV040-PingFederate-OAuth-Client-Authentication-Bypass"
},
{
"url": "https://www.pingidentity.com/en/resources/downloads/pingfederate/previous-releases.html"
},
{
"url": "https://docs.pingidentity.com/r/en-us/pingfederate-113/hro1701116403236"
}
],
"source": {
"advisory": "SECADV040",
"defect": [
"PF-34645"
],
"discovery": "UNKNOWN"
},
"title": "PingFederate OAuth client_secret_jwt Authentication Bypass",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"assignerShortName": "Ping Identity",
"cveId": "CVE-2023-40545",
"datePublished": "2024-02-06T17:27:42.361Z",
"dateReserved": "2023-08-25T16:59:38.674Z",
"dateUpdated": "2024-08-22T16:53:12.079Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-34085 (GCVE-0-2023-34085)
Vulnerability from nvd – Published: 2023-10-25 02:03 – Updated: 2024-09-10 15:05
VLAI?
Title
User Attribute Disclosure via DynamoDB Data Stores
Summary
When an AWS DynamoDB table is used for user attribute storage, it is possible to retrieve the attributes of another user using a maliciously crafted request
Severity ?
CWE
- CWE-359 - Exposure of Private Personal Information to an Unauthorized Actor
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Ping Identity | PingFederate |
Affected:
11.3 , ≤ 11.3.0
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:01:53.879Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://docs.pingidentity.com/r/en-us/pingfederate-113/gyk1689105783244"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-34085",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T15:00:49.766852Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T15:05:08.099Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PingFederate",
"vendor": "Ping Identity",
"versions": [
{
"lessThanOrEqual": "11.3.0",
"status": "affected",
"version": "11.3",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "AWS DynamoDB as user attribute store"
}
],
"value": "AWS DynamoDB as user attribute store"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: transparent;\"\u003eWhen an AWS DynamoDB table is used for user attribute storage, it is possible to retrieve the attributes of another user using a maliciously crafted request\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "When an AWS DynamoDB table is used for user attribute storage, it is possible to retrieve the attributes of another user using a maliciously crafted request\n"
}
],
"impacts": [
{
"capecId": "CAPEC-153",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-153 Input Data Manipulation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-359",
"description": "CWE-359: Exposure of Private Personal Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-25T02:03:56.433Z",
"orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"shortName": "Ping Identity"
},
"references": [
{
"url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html"
},
{
"url": "https://docs.pingidentity.com/r/en-us/pingfederate-113/gyk1689105783244"
}
],
"source": {
"advisory": "SECADV037",
"defect": [
"PF-33935"
],
"discovery": "INTERNAL"
},
"title": "User Attribute Disclosure via DynamoDB Data Stores",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"assignerShortName": "Ping Identity",
"cveId": "CVE-2023-34085",
"datePublished": "2023-10-25T02:03:56.433Z",
"dateReserved": "2023-07-25T20:13:14.876Z",
"dateUpdated": "2024-09-10T15:05:08.099Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-39219 (GCVE-0-2023-39219)
Vulnerability from nvd – Published: 2023-10-25 01:44 – Updated: 2025-06-12 14:58
VLAI?
Title
Admin Console Denial of Service via Java class enumeration
Summary
PingFederate Administrative Console dependency contains a weakness where console becomes unresponsive with crafted Java class loading enumeration requests
Severity ?
7.5 (High)
CWE
- CWE-400 - Uncontrolled Resource Consumption
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Ping Identity | PingFederate |
Affected:
11.3 , ≤ 11.3.0
(custom)
Affected: 11.2.0 , ≤ 11.2.6 (custom) Affected: 11.1.0 , ≤ 11.1.7 (custom) Affected: 10.3.0 , ≤ 10.3.12 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:02:06.169Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://docs.pingidentity.com/r/en-us/pingfederate-113/gyk1689105783244"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-39219",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-12T14:58:09.523502Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-12T14:58:40.168Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PingFederate",
"vendor": "Ping Identity",
"versions": [
{
"lessThanOrEqual": "11.3.0",
"status": "affected",
"version": "11.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "11.2.6",
"status": "affected",
"version": "11.2.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "11.1.7",
"status": "affected",
"version": "11.1.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "10.3.12",
"status": "affected",
"version": "10.3.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ePingFederate Administrative Console dependency contains a weakness where console becomes unresponsive with crafted Java class loading enumeration requests\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "PingFederate Administrative Console dependency contains a weakness where console becomes unresponsive with crafted Java class loading enumeration requests\n"
}
],
"impacts": [
{
"capecId": "CAPEC-131",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-131 Resource Leak Exposure"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400: Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-25T01:44:44.362Z",
"orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"shortName": "Ping Identity"
},
"references": [
{
"url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html"
},
{
"url": "https://docs.pingidentity.com/r/en-us/pingfederate-113/gyk1689105783244"
}
],
"source": {
"advisory": "SECADV037",
"defect": [
"PF-33449"
],
"discovery": "EXTERNAL"
},
"title": "Admin Console Denial of Service via Java class enumeration",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"assignerShortName": "Ping Identity",
"cveId": "CVE-2023-39219",
"datePublished": "2023-10-25T01:44:44.362Z",
"dateReserved": "2023-07-25T20:13:14.871Z",
"dateUpdated": "2025-06-12T14:58:40.168Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-37283 (GCVE-0-2023-37283)
Vulnerability from nvd – Published: 2023-10-25 01:24 – Updated: 2024-08-02 17:09
VLAI?
Title
Authentication Bypass via HTML Form & Identifier First Adapter
Summary
Under a very specific and highly unrecommended configuration, authentication bypass is possible in the PingFederate Identifier First Adapter
Severity ?
8.1 (High)
CWE
- CWE-287 - Improper Authentication
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Ping Identity | PingFederate |
Affected:
11.3 , ≤ 11.3.0
(custom)
Affected: 11.2.0 , ≤ 11.2.6 (custom) Affected: 11.1.0 , ≤ 11.1.7 (custom) Affected: 10.3.0 , ≤ 10.3.12 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:09:34.014Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://docs.pingidentity.com/r/en-us/pingfederate-113/gyk1689105783244"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PingFederate",
"vendor": "Ping Identity",
"versions": [
{
"lessThanOrEqual": "11.3.0",
"status": "affected",
"version": "11.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "11.2.6",
"status": "affected",
"version": "11.2.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "11.1.7",
"status": "affected",
"version": "11.1.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "10.3.12",
"status": "affected",
"version": "10.3.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUnder a very specific and highly unrecommended configuration, authentication bypass is possible in the PingFederate Identifier First Adapter\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Under a very specific and highly unrecommended configuration, authentication bypass is possible in the PingFederate Identifier First Adapter\n"
}
],
"impacts": [
{
"capecId": "CAPEC-115",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-115 Authentication Bypass"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-25T01:24:47.780Z",
"orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"shortName": "Ping Identity"
},
"references": [
{
"url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html"
},
{
"url": "https://docs.pingidentity.com/r/en-us/pingfederate-113/gyk1689105783244"
}
],
"source": {
"advisory": "SECADV037",
"defect": [
"PF-34017"
],
"discovery": "EXTERNAL"
},
"title": "Authentication Bypass via HTML Form \u0026 Identifier First Adapter",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"assignerShortName": "Ping Identity",
"cveId": "CVE-2023-37283",
"datePublished": "2023-10-25T01:24:47.780Z",
"dateReserved": "2023-07-25T20:13:14.866Z",
"dateUpdated": "2024-08-02T17:09:34.014Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-40722 (GCVE-0-2022-40722)
Vulnerability from nvd – Published: 2023-04-25 00:00 – Updated: 2025-02-04 14:49
VLAI?
Title
Misconfiguration of RSA padding for offline MFA in the PingID Adapter for PingFederate.
Summary
A misconfiguration of RSA padding implemented in the PingID Adapter for PingFederate to support Offline MFA with PingID mobile authenticators is vulnerable to pre-computed dictionary attacks, leading to a bypass of offline MFA.
Severity ?
7.7 (High)
CWE
- CWE-780 - Use of RSA Algorithm without OAEP
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Ping Identity | PingID Adapter for PingFederate |
Affected:
2.13.2 , < 2.13.2
(custom)
|
||||||||||||
|
||||||||||||||
Credits
Ping Identity credits The Commonwealth Bank of Australia for the discovery of this vulnerability.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T12:21:46.770Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://docs.pingidentity.com/r/en-us/pingid/pingid_integration_kit_2_20_rn"
},
{
"tags": [
"x_transferred"
],
"url": "https://docs.pingidentity.com/r/en-us/pingid/pingid_adapter_configuring_offline_mfa"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-40722",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-04T14:49:10.680225Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-04T14:49:20.723Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "PingID Adapter for PingFederate",
"vendor": "Ping Identity",
"versions": [
{
"lessThan": "2.13.2",
"status": "affected",
"version": "2.13.2",
"versionType": "custom"
}
]
},
{
"product": "PingID Integration Kit (includes PingID Adapter)",
"vendor": "Ping Identity",
"versions": [
{
"lessThan": "2.24",
"status": "affected",
"version": "2.24",
"versionType": "custom"
}
]
},
{
"product": "PingFederate (includes PingID Adapter)",
"vendor": "Ping Identity",
"versions": [
{
"lessThan": "11.1.0*",
"status": "affected",
"version": "11.1.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "11.1.5",
"status": "affected",
"version": "11.1.5",
"versionType": "custom"
},
{
"lessThan": "11.2.0*",
"status": "affected",
"version": "11.2.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "11.2.2",
"status": "affected",
"version": "11.2.2",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Ping Identity credits The Commonwealth Bank of Australia for the discovery of this vulnerability."
}
],
"descriptions": [
{
"lang": "en",
"value": "A misconfiguration of RSA padding implemented in the PingID Adapter for PingFederate to support Offline MFA with PingID mobile authenticators is vulnerable to pre-computed dictionary attacks, leading to a bypass of offline MFA."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-780",
"description": "CWE-780 Use of RSA Algorithm without OAEP",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-25T00:00:00.000Z",
"orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"shortName": "Ping Identity"
},
"references": [
{
"url": "https://docs.pingidentity.com/r/en-us/pingid/pingid_integration_kit_2_20_rn"
},
{
"url": "https://docs.pingidentity.com/r/en-us/pingid/pingid_adapter_configuring_offline_mfa"
}
],
"source": {
"advisory": "SECADV035",
"defect": [
"PIM-2677"
],
"discovery": "INTERNAL"
},
"title": "Misconfiguration of RSA padding for offline MFA in the PingID Adapter for PingFederate."
}
},
"cveMetadata": {
"assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"assignerShortName": "Ping Identity",
"cveId": "CVE-2022-40722",
"datePublished": "2023-04-25T00:00:00.000Z",
"dateReserved": "2022-09-14T00:00:00.000Z",
"dateUpdated": "2025-02-04T14:49:20.723Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-40723 (GCVE-0-2022-40723)
Vulnerability from nvd – Published: 2023-04-25 00:00 – Updated: 2025-02-04 14:48
VLAI?
Title
Configuration-based MFA Bypass in PingID RADIUS PCV.
Summary
The PingID RADIUS PCV adapter for PingFederate, which supports RADIUS authentication with PingID MFA, is vulnerable to MFA bypass under certain configurations.
Severity ?
CWE
- CWE-305 - Authentication Bypass by Primary Weakness
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Ping Identity | PingID Radius PCV |
Affected:
2.10.0
Affected: 3.0.0 , < 3.0.0* (custom) Affected: 3.0.2 , ≤ 3.0.2 (custom) |
||||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T12:21:46.787Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://docs.pingidentity.com/r/en-us/pingid/pingid_integration_kit_2_19_rn"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-40723",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-04T14:48:50.451839Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-04T14:48:54.313Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "PingID Radius PCV",
"vendor": "Ping Identity",
"versions": [
{
"status": "affected",
"version": "2.10.0"
},
{
"lessThan": "3.0.0*",
"status": "affected",
"version": "3.0.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "3.0.2",
"status": "affected",
"version": "3.0.2",
"versionType": "custom"
}
]
},
{
"product": "PingID Integration Kit (includes Radius PCV)",
"vendor": "Ping Identity",
"versions": [
{
"lessThan": "2.24",
"status": "affected",
"version": "2.24",
"versionType": "custom"
}
]
},
{
"product": "PingFederate (includes Radius PCV)",
"vendor": "Ping Identity",
"versions": [
{
"lessThan": "11.1.0*",
"status": "affected",
"version": "11.1.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "11.1.5",
"status": "affected",
"version": "11.1.5",
"versionType": "custom"
},
{
"lessThan": "11.2.0*",
"status": "affected",
"version": "11.2.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "11.2.2",
"status": "affected",
"version": "11.2.2",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The PingID RADIUS PCV adapter for PingFederate, which supports RADIUS authentication with PingID MFA, is vulnerable to MFA bypass under certain configurations."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitCodeMaturity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"remediationLevel": "UNAVAILABLE",
"reportConfidence": "CONFIRMED",
"scope": "UNCHANGED",
"temporalScore": 6.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:H/RL:U/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-305",
"description": "CWE-305 Authentication Bypass by Primary Weakness",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-25T00:00:00.000Z",
"orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"shortName": "Ping Identity"
},
"references": [
{
"url": "https://docs.pingidentity.com/r/en-us/pingid/pingid_integration_kit_2_19_rn"
}
],
"source": {
"advisory": "SECADV035",
"defect": [
"PIM-3774"
],
"discovery": "INTERNAL"
},
"title": "Configuration-based MFA Bypass in PingID RADIUS PCV."
}
},
"cveMetadata": {
"assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"assignerShortName": "Ping Identity",
"cveId": "CVE-2022-40723",
"datePublished": "2023-04-25T00:00:00.000Z",
"dateReserved": "2022-09-14T00:00:00.000Z",
"dateUpdated": "2025-02-04T14:48:54.313Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-40724 (GCVE-0-2022-40724)
Vulnerability from nvd – Published: 2023-04-25 00:00 – Updated: 2025-02-04 14:48
VLAI?
Title
Cross-Site Request Forgery on PingFederate Local Identity Profiles Endpoint.
Summary
The PingFederate Local Identity Profiles '/pf/idprofile.ping' endpoint is vulnerable to Cross-Site Request Forgery (CSRF) through crafted GET requests.
Severity ?
CWE
- CWE-352 - Cross-Site Request Forgery
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Ping Identity | PingFederate |
Affected:
10.3.0 , < 10.3.0*
(custom)
Affected: 10.3.11 , ≤ 10.3.11 (custom) Affected: 11.0.0 , < 11.0.0* (custom) Affected: 11.0.6 , ≤ 11.0.6 (custom) Affected: 11.1.0 , < 11.1.0* (custom) Affected: 11.1.5 , ≤ 11.1.5 (custom) Affected: 11.2.0 , < 11.2.0* (custom) Affected: 11.2.2 , ≤ 11.2.2 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T12:21:46.720Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://docs.pingidentity.com/r/en-us/pingfederate-110/fll1675188537050"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-40724",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-04T14:48:27.864493Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-04T14:48:33.050Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "PingFederate",
"vendor": "Ping Identity",
"versions": [
{
"lessThan": "10.3.0*",
"status": "affected",
"version": "10.3.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "10.3.11",
"status": "affected",
"version": "10.3.11",
"versionType": "custom"
},
{
"lessThan": "11.0.0*",
"status": "affected",
"version": "11.0.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "11.0.6",
"status": "affected",
"version": "11.0.6",
"versionType": "custom"
},
{
"lessThan": "11.1.0*",
"status": "affected",
"version": "11.1.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "11.1.5",
"status": "affected",
"version": "11.1.5",
"versionType": "custom"
},
{
"lessThan": "11.2.0*",
"status": "affected",
"version": "11.2.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "11.2.2",
"status": "affected",
"version": "11.2.2",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The PingFederate Local Identity Profiles \u0027/pf/idprofile.ping\u0027 endpoint is vulnerable to Cross-Site Request Forgery (CSRF) through crafted GET requests."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitCodeMaturity": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"remediationLevel": "UNAVAILABLE",
"reportConfidence": "CONFIRMED",
"scope": "UNCHANGED",
"temporalScore": 6.4,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:H/E:H/RL:U/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-352",
"description": "CWE-352 Cross-Site Request Forgery",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-25T00:00:00.000Z",
"orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"shortName": "Ping Identity"
},
"references": [
{
"url": "https://docs.pingidentity.com/r/en-us/pingfederate-110/fll1675188537050"
}
],
"source": {
"advisory": "SECADV033",
"defect": [
"PF-32805"
],
"discovery": "INTERNAL"
},
"title": "Cross-Site Request Forgery on PingFederate Local Identity Profiles Endpoint."
}
},
"cveMetadata": {
"assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"assignerShortName": "Ping Identity",
"cveId": "CVE-2022-40724",
"datePublished": "2023-04-25T00:00:00.000Z",
"dateReserved": "2022-09-14T00:00:00.000Z",
"dateUpdated": "2025-02-04T14:48:33.050Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-23722 (GCVE-0-2022-23722)
Vulnerability from nvd – Published: 2022-05-02 22:05 – Updated: 2024-08-03 03:51
VLAI?
Title
PingFederate Password Reset via Authentication API Mishandling
Summary
When a password reset mechanism is configured to use the Authentication API with an Authentication Policy, email One-Time Password, PingID or SMS authentication, an existing user can reset another existing user’s password.
Severity ?
No CVSS data available.
CWE
- CWE-288 - Authentication Bypass Using an Alternate Path or Channel
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Ping Identity | PingFederate |
Affected:
11.0 , ≤ 11.0
(custom)
Affected: 10.3 , ≤ 10.3.4 (custom) Affected: 10.2 , ≤ 10.2.7 (custom) Affected: 10.1 , ≤ 10.1.9 (custom) Affected: 10.0 , ≤ 10.0.12 (custom) Affected: 9.3 , ≤ 9.3.3P16 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:51:46.174Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://docs.pingidentity.com/bundle/pingfederate-110/page/spk1642790928508.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "PingFederate",
"vendor": "Ping Identity",
"versions": [
{
"lessThanOrEqual": "11.0",
"status": "affected",
"version": "11.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "10.3.4",
"status": "affected",
"version": "10.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "10.2.7",
"status": "affected",
"version": "10.2",
"versionType": "custom"
},
{
"lessThanOrEqual": "10.1.9",
"status": "affected",
"version": "10.1",
"versionType": "custom"
},
{
"lessThanOrEqual": "10.0.12",
"status": "affected",
"version": "10.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "9.3.3P16",
"status": "affected",
"version": "9.3",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "When a password reset mechanism is configured to use the Authentication API with an Authentication Policy, email One-Time Password, PingID or SMS authentication, an existing user can reset another existing user\u2019s password."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-288",
"description": "CWE-288 Authentication Bypass Using an Alternate Path or Channel",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-02T22:05:13",
"orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"shortName": "Ping Identity"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://docs.pingidentity.com/bundle/pingfederate-110/page/spk1642790928508.html"
}
],
"source": {
"advisory": "SECBL021",
"defect": [
"PF-30450"
],
"discovery": "INTERNAL"
},
"title": "PingFederate Password Reset via Authentication API Mishandling",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "responsible-disclosure@pingidentity.com",
"ID": "CVE-2022-23722",
"STATE": "PUBLIC",
"TITLE": "PingFederate Password Reset via Authentication API Mishandling"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "PingFederate",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "11.0",
"version_value": "11.0"
},
{
"version_affected": "\u003c=",
"version_name": "10.3",
"version_value": "10.3.4"
},
{
"version_affected": "\u003c=",
"version_name": "10.2",
"version_value": "10.2.7"
},
{
"version_affected": "\u003c=",
"version_name": "10.1",
"version_value": "10.1.9"
},
{
"version_affected": "\u003c=",
"version_name": "10.0",
"version_value": "10.0.12"
},
{
"version_affected": "\u003c=",
"version_name": "9.3",
"version_value": "9.3.3P16"
}
]
}
}
]
},
"vendor_name": "Ping Identity"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "When a password reset mechanism is configured to use the Authentication API with an Authentication Policy, email One-Time Password, PingID or SMS authentication, an existing user can reset another existing user\u2019s password."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-288 Authentication Bypass Using an Alternate Path or Channel"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html",
"refsource": "MISC",
"url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html"
},
{
"name": "https://docs.pingidentity.com/bundle/pingfederate-110/page/spk1642790928508.html",
"refsource": "MISC",
"url": "https://docs.pingidentity.com/bundle/pingfederate-110/page/spk1642790928508.html"
}
]
},
"source": {
"advisory": "SECBL021",
"defect": [
"PF-30450"
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"assignerShortName": "Ping Identity",
"cveId": "CVE-2022-23722",
"datePublished": "2022-05-02T22:05:13",
"dateReserved": "2022-01-19T00:00:00",
"dateUpdated": "2024-08-03T03:51:46.174Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}