Search criteria
39 vulnerabilities by pingidentity
CVE-2024-22377 (GCVE-0-2024-22377)
Vulnerability from cvelistv5 – Published: 2024-07-09 23:03 – Updated: 2024-08-01 22:43
VLAI?
Summary
The deploy directory in PingFederate runtime nodes is reachable to unauthorized users.
Severity ?
5.3 (Medium)
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Ping Identity | PingFederate |
Affected:
11.0.0 , ≤ 11.0.9
(custom)
Affected: 11.1.0 , ≤ 11.1.9 (custom) Affected: 11.2.0 , ≤ 11.2.8 (custom) Affected: 11.3.0 , ≤ 11.3.4 (custom) Affected: 12.0.0 (custom) Affected: 10.3.0 , ≤ 10.3.13 (custom) |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:pingidentity:pingfederate:10.3.0:*:*:*:*:*:*:*",
"cpe:2.3:a:pingidentity:pingfederate:11.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:pingidentity:pingfederate:11.1.0:*:*:*:*:*:*:*",
"cpe:2.3:a:pingidentity:pingfederate:11.2.0:*:*:*:*:*:*:*",
"cpe:2.3:a:pingidentity:pingfederate:11.3.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "pingfederate",
"vendor": "pingidentity",
"versions": [
{
"lessThanOrEqual": "10.3.13",
"status": "affected",
"version": "10.3.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "11.0.9",
"status": "affected",
"version": "11.0.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "11.1.9",
"status": "affected",
"version": "11.1.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "11.2.8",
"status": "affected",
"version": "11.2.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "11.3.4",
"status": "affected",
"version": "11.3.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:pingidentity:pingfederate:12.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "pingfederate",
"vendor": "pingidentity",
"versions": [
{
"status": "affected",
"version": "12.0.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-22377",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-15T13:15:10.302158Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-23T16:13:24.203Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:43:34.512Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://docs.pingidentity.com/r/en-us/pingfederate-120/lwu1707324350083"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html",
"defaultStatus": "unaffected",
"product": "PingFederate",
"vendor": "Ping Identity",
"versions": [
{
"lessThanOrEqual": "11.0.9",
"status": "affected",
"version": "11.0.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "11.1.9",
"status": "affected",
"version": "11.1.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "11.2.8",
"status": "affected",
"version": "11.2.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "11.3.4",
"status": "affected",
"version": "11.3.0",
"versionType": "custom"
},
{
"status": "affected",
"version": "12.0.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "10.3.13",
"status": "affected",
"version": "10.3.0",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "All instances of PingFederate on vulnerable versions are vulnerable to this issue.\u003cbr\u003e"
}
],
"value": "All instances of PingFederate on vulnerable versions are vulnerable to this issue."
}
],
"datePublic": "2024-07-09T22:27:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The deploy directory in PingFederate runtime nodes is reachable to unauthorized users.\u003cbr\u003e"
}
],
"value": "The deploy directory in PingFederate runtime nodes is reachable to unauthorized users."
}
],
"impacts": [
{
"capecId": "CAPEC-126",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-126 Path Traversal"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-09T23:03:27.722Z",
"orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"shortName": "Ping Identity"
},
"references": [
{
"url": "https://docs.pingidentity.com/r/en-us/pingfederate-120/lwu1707324350083"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "PingFederate Runtime Node Path Traversal",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The deploy directory can be restricted by making changes to runtime jetty configuration.\u0026nbsp;\u0026nbsp;\u003cbr\u003e"
}
],
"value": "The deploy directory can be restricted by making changes to runtime jetty configuration."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"assignerShortName": "Ping Identity",
"cveId": "CVE-2024-22377",
"datePublished": "2024-07-09T23:03:27.722Z",
"dateReserved": "2024-01-17T17:27:24.578Z",
"dateUpdated": "2024-08-01T22:43:34.512Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-22477 (GCVE-0-2024-22477)
Vulnerability from cvelistv5 – Published: 2024-07-09 23:01 – Updated: 2024-08-01 22:51
VLAI?
Summary
A cross-site scripting vulnerability exists in the admin console OIDC Policy Management Editor. The impact is contained to admin console users only.
Severity ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Ping Identity | PingFederate |
Affected:
11.0.0 , ≤ 11.0.9
(custom)
Affected: 11.1.0 , ≤ 11.1.9 (custom) Affected: 11.2.0 , ≤ 11.2.8 (custom) Affected: 11.3.0 , ≤ 11.3.4 (custom) Affected: 12.0.0 (custom) Affected: 10.3.0 , ≤ 10.3.13 (custom) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-22477",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-10T13:29:31.833138Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-10T13:30:14.614Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:51:09.905Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://docs.pingidentity.com/r/en-us/pingfederate-120/lwu1707324350083"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html",
"defaultStatus": "unaffected",
"product": "PingFederate",
"vendor": "Ping Identity",
"versions": [
{
"lessThanOrEqual": "11.0.9",
"status": "affected",
"version": "11.0.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "11.1.9",
"status": "affected",
"version": "11.1.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "11.2.8",
"status": "affected",
"version": "11.2.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "11.3.4",
"status": "affected",
"version": "11.3.0",
"versionType": "custom"
},
{
"status": "affected",
"version": "12.0.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "10.3.13",
"status": "affected",
"version": "10.3.0",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "All instances of PingFederate on vulnerable versions are vulnerable to this issue.\u003cbr\u003e"
}
],
"value": "All instances of PingFederate on vulnerable versions are vulnerable to this issue."
}
],
"datePublic": "2024-07-09T22:27:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A cross-site scripting vulnerability exists in the admin console OIDC Policy Management Editor. The impact is contained to admin console users only.\u003cbr\u003e"
}
],
"value": "A cross-site scripting vulnerability exists in the admin console OIDC Policy Management Editor. The impact is contained to admin console users only."
}
],
"impacts": [
{
"capecId": "CAPEC-592",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-592 Stored XSS"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 1.8,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-09T23:01:28.611Z",
"orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"shortName": "Ping Identity"
},
"references": [
{
"url": "https://docs.pingidentity.com/r/en-us/pingfederate-120/lwu1707324350083"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "PingFederate OIDC Policy Management Editor Cross-Site Scripting",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"assignerShortName": "Ping Identity",
"cveId": "CVE-2024-22477",
"datePublished": "2024-07-09T23:01:28.611Z",
"dateReserved": "2024-01-17T17:27:24.603Z",
"dateUpdated": "2024-08-01T22:51:09.905Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-40545 (GCVE-0-2023-40545)
Vulnerability from cvelistv5 – Published: 2024-02-06 17:27 – Updated: 2024-08-22 16:53
VLAI?
Summary
Authentication bypass when an OAuth2 Client is using client_secret_jwt as its authentication method on affected 11.3 versions via specially crafted requests.
Severity ?
8.8 (High)
CWE
- CWE-306 - Missing Authentication for Critical Function
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Ping Identity | PingFederate |
Affected:
11.3.0 , ≤ 11.3.2
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:38:50.649Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.pingidentity.com/s/article/SECADV040-PingFederate-OAuth-Client-Authentication-Bypass"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.pingidentity.com/en/resources/downloads/pingfederate/previous-releases.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://docs.pingidentity.com/r/en-us/pingfederate-113/hro1701116403236"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:pingidentity:pingfederate:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "pingfederate",
"vendor": "pingidentity",
"versions": [
{
"lessThanOrEqual": "11.3.2",
"status": "affected",
"version": "11.3.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-40545",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-22T16:50:41.466461Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-22T16:53:12.079Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PingFederate",
"vendor": "Ping Identity",
"versions": [
{
"lessThanOrEqual": "11.3.2",
"status": "affected",
"version": "11.3.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAuthentication\u0026nbsp;bypass when an OAuth2 Client is using client_secret_jwt as its authentication method on affected 11.3 versions via specially crafted requests.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Authentication\u00a0bypass when an OAuth2 Client is using client_secret_jwt as its authentication method on affected 11.3 versions via specially crafted requests.\n"
}
],
"impacts": [
{
"capecId": "CAPEC-115",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-115 Authentication Bypass"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306 Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-06T17:28:00.505Z",
"orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"shortName": "Ping Identity"
},
"references": [
{
"url": "https://support.pingidentity.com/s/article/SECADV040-PingFederate-OAuth-Client-Authentication-Bypass"
},
{
"url": "https://www.pingidentity.com/en/resources/downloads/pingfederate/previous-releases.html"
},
{
"url": "https://docs.pingidentity.com/r/en-us/pingfederate-113/hro1701116403236"
}
],
"source": {
"advisory": "SECADV040",
"defect": [
"PF-34645"
],
"discovery": "UNKNOWN"
},
"title": "PingFederate OAuth client_secret_jwt Authentication Bypass",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"assignerShortName": "Ping Identity",
"cveId": "CVE-2023-40545",
"datePublished": "2024-02-06T17:27:42.361Z",
"dateReserved": "2023-08-25T16:59:38.674Z",
"dateUpdated": "2024-08-22T16:53:12.079Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-36496 (GCVE-0-2023-36496)
Vulnerability from cvelistv5 – Published: 2024-02-01 23:00 – Updated: 2025-06-17 21:29
VLAI?
Summary
Delegated Admin Privilege virtual attribute provider plugin, when enabled, allows an authenticated user to elevate their permissions in the Directory Server.
Severity ?
7.7 (High)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Ping Identity | PingDirectory |
Affected:
8.3 , ≤ 8.3.0.8
(8.3.0.9)
Affected: 9.0 , ≤ 9.0.0.5 (9.0.0.6) Affected: 9.1 , ≤ 9.1.0.2 (9.1.0.3) Affected: 9.2 , ≤ 9.2.0.1 (9.2.0.2) Affected: 9.3 , < 9.3.0.1 (9.3.0.1) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:45:57.106Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.pingidentity.com/s/article/SECADV039"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.pingidentity.com/en/resources/downloads/pingdirectory-downloads.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://docs.pingidentity.com/r/en-us/pingdirectory-93/ynf1693338390284"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-36496",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-02T18:01:23.224460Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-17T21:29:22.156Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PingDirectory",
"vendor": "Ping Identity",
"versions": [
{
"lessThanOrEqual": "8.3.0.8",
"status": "affected",
"version": "8.3",
"versionType": "8.3.0.9"
},
{
"lessThanOrEqual": "9.0.0.5",
"status": "affected",
"version": "9.0",
"versionType": "9.0.0.6"
},
{
"lessThanOrEqual": "9.1.0.2",
"status": "affected",
"version": "9.1",
"versionType": "9.1.0.3"
},
{
"lessThanOrEqual": "9.2.0.1",
"status": "affected",
"version": "9.2",
"versionType": "9.2.0.2"
},
{
"lessThan": "9.3.0.1",
"status": "affected",
"version": "9.3",
"versionType": "9.3.0.1"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Enable Delegated Admin virtual attribute provider"
}
],
"value": "Enable Delegated Admin virtual attribute provider"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDelegated Admin Privilege virtual attribute provider plugin, when enabled, allows an authenticated user to elevate their permissions in the Directory Server.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Delegated Admin Privilege virtual attribute provider plugin, when enabled, allows an authenticated user to elevate their permissions in the Directory Server.\n"
}
],
"impacts": [
{
"capecId": "CAPEC-122",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-122 Privilege Abuse"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-01T23:00:03.660Z",
"orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"shortName": "Ping Identity"
},
"references": [
{
"url": "https://support.pingidentity.com/s/article/SECADV039"
},
{
"url": "https://www.pingidentity.com/en/resources/downloads/pingdirectory-downloads.html"
},
{
"url": "https://docs.pingidentity.com/r/en-us/pingdirectory-93/ynf1693338390284"
}
],
"source": {
"advisory": "SECADV039",
"defect": [
"DS-47632"
],
"discovery": "INTERNAL"
},
"title": "Delegated Admin Virtual Attribute Provider Privilege Escalation",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"assignerShortName": "Ping Identity",
"cveId": "CVE-2023-36496",
"datePublished": "2024-02-01T23:00:03.660Z",
"dateReserved": "2023-07-25T20:13:14.880Z",
"dateUpdated": "2025-06-17T21:29:22.156Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-34085 (GCVE-0-2023-34085)
Vulnerability from cvelistv5 – Published: 2023-10-25 02:03 – Updated: 2024-09-10 15:05
VLAI?
Summary
When an AWS DynamoDB table is used for user attribute storage, it is possible to retrieve the attributes of another user using a maliciously crafted request
Severity ?
CWE
- CWE-359 - Exposure of Private Personal Information to an Unauthorized Actor
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Ping Identity | PingFederate |
Affected:
11.3 , ≤ 11.3.0
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:01:53.879Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://docs.pingidentity.com/r/en-us/pingfederate-113/gyk1689105783244"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-34085",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T15:00:49.766852Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T15:05:08.099Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PingFederate",
"vendor": "Ping Identity",
"versions": [
{
"lessThanOrEqual": "11.3.0",
"status": "affected",
"version": "11.3",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "AWS DynamoDB as user attribute store"
}
],
"value": "AWS DynamoDB as user attribute store"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: transparent;\"\u003eWhen an AWS DynamoDB table is used for user attribute storage, it is possible to retrieve the attributes of another user using a maliciously crafted request\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "When an AWS DynamoDB table is used for user attribute storage, it is possible to retrieve the attributes of another user using a maliciously crafted request\n"
}
],
"impacts": [
{
"capecId": "CAPEC-153",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-153 Input Data Manipulation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-359",
"description": "CWE-359: Exposure of Private Personal Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-25T02:03:56.433Z",
"orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"shortName": "Ping Identity"
},
"references": [
{
"url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html"
},
{
"url": "https://docs.pingidentity.com/r/en-us/pingfederate-113/gyk1689105783244"
}
],
"source": {
"advisory": "SECADV037",
"defect": [
"PF-33935"
],
"discovery": "INTERNAL"
},
"title": "User Attribute Disclosure via DynamoDB Data Stores",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"assignerShortName": "Ping Identity",
"cveId": "CVE-2023-34085",
"datePublished": "2023-10-25T02:03:56.433Z",
"dateReserved": "2023-07-25T20:13:14.876Z",
"dateUpdated": "2024-09-10T15:05:08.099Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-39219 (GCVE-0-2023-39219)
Vulnerability from cvelistv5 – Published: 2023-10-25 01:44 – Updated: 2025-06-12 14:58
VLAI?
Summary
PingFederate Administrative Console dependency contains a weakness where console becomes unresponsive with crafted Java class loading enumeration requests
Severity ?
7.5 (High)
CWE
- CWE-400 - Uncontrolled Resource Consumption
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Ping Identity | PingFederate |
Affected:
11.3 , ≤ 11.3.0
(custom)
Affected: 11.2.0 , ≤ 11.2.6 (custom) Affected: 11.1.0 , ≤ 11.1.7 (custom) Affected: 10.3.0 , ≤ 10.3.12 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:02:06.169Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://docs.pingidentity.com/r/en-us/pingfederate-113/gyk1689105783244"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-39219",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-12T14:58:09.523502Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-12T14:58:40.168Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PingFederate",
"vendor": "Ping Identity",
"versions": [
{
"lessThanOrEqual": "11.3.0",
"status": "affected",
"version": "11.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "11.2.6",
"status": "affected",
"version": "11.2.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "11.1.7",
"status": "affected",
"version": "11.1.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "10.3.12",
"status": "affected",
"version": "10.3.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ePingFederate Administrative Console dependency contains a weakness where console becomes unresponsive with crafted Java class loading enumeration requests\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "PingFederate Administrative Console dependency contains a weakness where console becomes unresponsive with crafted Java class loading enumeration requests\n"
}
],
"impacts": [
{
"capecId": "CAPEC-131",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-131 Resource Leak Exposure"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400: Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-25T01:44:44.362Z",
"orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"shortName": "Ping Identity"
},
"references": [
{
"url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html"
},
{
"url": "https://docs.pingidentity.com/r/en-us/pingfederate-113/gyk1689105783244"
}
],
"source": {
"advisory": "SECADV037",
"defect": [
"PF-33449"
],
"discovery": "EXTERNAL"
},
"title": "Admin Console Denial of Service via Java class enumeration",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"assignerShortName": "Ping Identity",
"cveId": "CVE-2023-39219",
"datePublished": "2023-10-25T01:44:44.362Z",
"dateReserved": "2023-07-25T20:13:14.871Z",
"dateUpdated": "2025-06-12T14:58:40.168Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-37283 (GCVE-0-2023-37283)
Vulnerability from cvelistv5 – Published: 2023-10-25 01:24 – Updated: 2024-08-02 17:09
VLAI?
Summary
Under a very specific and highly unrecommended configuration, authentication bypass is possible in the PingFederate Identifier First Adapter
Severity ?
8.1 (High)
CWE
- CWE-287 - Improper Authentication
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Ping Identity | PingFederate |
Affected:
11.3 , ≤ 11.3.0
(custom)
Affected: 11.2.0 , ≤ 11.2.6 (custom) Affected: 11.1.0 , ≤ 11.1.7 (custom) Affected: 10.3.0 , ≤ 10.3.12 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:09:34.014Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://docs.pingidentity.com/r/en-us/pingfederate-113/gyk1689105783244"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PingFederate",
"vendor": "Ping Identity",
"versions": [
{
"lessThanOrEqual": "11.3.0",
"status": "affected",
"version": "11.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "11.2.6",
"status": "affected",
"version": "11.2.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "11.1.7",
"status": "affected",
"version": "11.1.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "10.3.12",
"status": "affected",
"version": "10.3.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUnder a very specific and highly unrecommended configuration, authentication bypass is possible in the PingFederate Identifier First Adapter\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Under a very specific and highly unrecommended configuration, authentication bypass is possible in the PingFederate Identifier First Adapter\n"
}
],
"impacts": [
{
"capecId": "CAPEC-115",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-115 Authentication Bypass"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-25T01:24:47.780Z",
"orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"shortName": "Ping Identity"
},
"references": [
{
"url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html"
},
{
"url": "https://docs.pingidentity.com/r/en-us/pingfederate-113/gyk1689105783244"
}
],
"source": {
"advisory": "SECADV037",
"defect": [
"PF-34017"
],
"discovery": "EXTERNAL"
},
"title": "Authentication Bypass via HTML Form \u0026 Identifier First Adapter",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"assignerShortName": "Ping Identity",
"cveId": "CVE-2023-37283",
"datePublished": "2023-10-25T01:24:47.780Z",
"dateReserved": "2023-07-25T20:13:14.866Z",
"dateUpdated": "2024-08-02T17:09:34.014Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-39930 (GCVE-0-2023-39930)
Vulnerability from cvelistv5 – Published: 2023-10-24 20:54 – Updated: 2024-09-17 14:16
VLAI?
Summary
A first-factor authentication bypass vulnerability exists in the PingFederate with PingID Radius PCV when a MSCHAP authentication request is sent via a maliciously crafted RADIUS client request.
Severity ?
7.5 (High)
CWE
- CWE-288 - Authentication Bypass Using an Alternate Path or Channel
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Ping Identity | PingID Radius PCV |
Affected:
3.0 , < 3.0.3
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:18:10.146Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://docs.pingidentity.com/r/en-us/pingid/pingid_integration_kit_2_26_rn"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-39930",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-11T14:08:27.022649Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-17T14:16:56.734Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PingID Radius PCV",
"vendor": "Ping Identity",
"versions": [
{
"lessThan": "3.0.3",
"status": "affected",
"version": "3.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA first-factor authentication bypass vulnerability exists in the PingFederate with PingID Radius PCV when a MSCHAP authentication request is sent via a maliciously crafted RADIUS client request.\u003c/span\u003e"
}
],
"value": "A first-factor authentication bypass vulnerability exists in the PingFederate with PingID Radius PCV when a MSCHAP authentication request is sent via a maliciously crafted RADIUS client request."
}
],
"impacts": [
{
"capecId": "CAPEC-115",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-115 Authentication Bypass"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-288",
"description": "CWE-288 Authentication Bypass Using an Alternate Path or Channel",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-24T20:54:08.795Z",
"orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"shortName": "Ping Identity"
},
"references": [
{
"url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html"
},
{
"url": "https://docs.pingidentity.com/r/en-us/pingid/pingid_integration_kit_2_26_rn"
}
],
"source": {
"defect": [
"PID-9546"
],
"discovery": "EXTERNAL"
},
"title": "PingFederate PingID Radius PCV Authentication Bypass",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"assignerShortName": "Ping Identity",
"cveId": "CVE-2023-39930",
"datePublished": "2023-10-24T20:54:08.795Z",
"dateReserved": "2023-08-25T16:59:38.668Z",
"dateUpdated": "2024-09-17T14:16:56.734Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-39231 (GCVE-0-2023-39231)
Vulnerability from cvelistv5 – Published: 2023-10-24 19:56 – Updated: 2024-09-11 17:39
VLAI?
Summary
PingFederate using the PingOne MFA adapter allows a new MFA device to be paired without requiring second factor authentication from an existing registered device. A threat actor may be able to exploit this vulnerability to register their own MFA device if they have knowledge of a victim user's first factor credentials.
Severity ?
7.3 (High)
CWE
- CWE-288 - Authentication Bypass Using an Alternate Path or Channel
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Ping Identity | PingOne MFA Integration Kit |
Affected:
2.2 , < 2.2.1
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:02:06.576Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.pingidentity.com/en/resources/downloads/pingid.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://docs.pingidentity.com/r/en-us/pingfederate-pingone-mfa-ik/bks1657303194394"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:pingidentity:pingone_mfa_integration_kit:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "pingone_mfa_integration_kit",
"vendor": "pingidentity",
"versions": [
{
"lessThan": "2.2.1",
"status": "affected",
"version": "2.2",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-39231",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-11T17:38:51.426464Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T17:39:35.873Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "PingOne MFA Integration Kit",
"vendor": "Ping Identity",
"versions": [
{
"lessThan": "2.2.1",
"status": "affected",
"version": "2.2",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "PingFederate using the PingOne MFA adapter allows a new MFA device to be paired without requiring second factor authentication from an existing registered device. A threat actor may be able to exploit this vulnerability to register their own MFA device if they have knowledge of a victim user\u0027s first factor credentials."
}
],
"value": "PingFederate using the PingOne MFA adapter allows a new MFA device to be paired without requiring second factor authentication from an existing registered device. A threat actor may be able to exploit this vulnerability to register their own MFA device if they have knowledge of a victim user\u0027s first factor credentials."
}
],
"impacts": [
{
"capecId": "CAPEC-115",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-115 Authentication Bypass"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-288",
"description": "CWE-288 Authentication Bypass Using an Alternate Path or Channel",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-24T19:56:06.690Z",
"orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"shortName": "Ping Identity"
},
"references": [
{
"url": "https://www.pingidentity.com/en/resources/downloads/pingid.html"
},
{
"url": "https://docs.pingidentity.com/r/en-us/pingfederate-pingone-mfa-ik/bks1657303194394"
}
],
"source": {
"advisory": "SECADV038",
"defect": [
"P14C-53455"
],
"discovery": "INTERNAL"
},
"title": "PingFederate PingOne MFA IK Device Pairing Second Factor Authentication Bypass",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"assignerShortName": "Ping Identity",
"cveId": "CVE-2023-39231",
"datePublished": "2023-10-24T19:56:06.690Z",
"dateReserved": "2023-07-25T20:13:14.885Z",
"dateUpdated": "2024-09-11T17:39:35.873Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-40724 (GCVE-0-2022-40724)
Vulnerability from cvelistv5 – Published: 2023-04-25 00:00 – Updated: 2025-02-04 14:48
VLAI?
Summary
The PingFederate Local Identity Profiles '/pf/idprofile.ping' endpoint is vulnerable to Cross-Site Request Forgery (CSRF) through crafted GET requests.
Severity ?
CWE
- CWE-352 - Cross-Site Request Forgery
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Ping Identity | PingFederate |
Affected:
10.3.0 , < 10.3.0*
(custom)
Affected: 10.3.11 , ≤ 10.3.11 (custom) Affected: 11.0.0 , < 11.0.0* (custom) Affected: 11.0.6 , ≤ 11.0.6 (custom) Affected: 11.1.0 , < 11.1.0* (custom) Affected: 11.1.5 , ≤ 11.1.5 (custom) Affected: 11.2.0 , < 11.2.0* (custom) Affected: 11.2.2 , ≤ 11.2.2 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T12:21:46.720Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://docs.pingidentity.com/r/en-us/pingfederate-110/fll1675188537050"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-40724",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-04T14:48:27.864493Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-04T14:48:33.050Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "PingFederate",
"vendor": "Ping Identity",
"versions": [
{
"lessThan": "10.3.0*",
"status": "affected",
"version": "10.3.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "10.3.11",
"status": "affected",
"version": "10.3.11",
"versionType": "custom"
},
{
"lessThan": "11.0.0*",
"status": "affected",
"version": "11.0.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "11.0.6",
"status": "affected",
"version": "11.0.6",
"versionType": "custom"
},
{
"lessThan": "11.1.0*",
"status": "affected",
"version": "11.1.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "11.1.5",
"status": "affected",
"version": "11.1.5",
"versionType": "custom"
},
{
"lessThan": "11.2.0*",
"status": "affected",
"version": "11.2.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "11.2.2",
"status": "affected",
"version": "11.2.2",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The PingFederate Local Identity Profiles \u0027/pf/idprofile.ping\u0027 endpoint is vulnerable to Cross-Site Request Forgery (CSRF) through crafted GET requests."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitCodeMaturity": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"remediationLevel": "UNAVAILABLE",
"reportConfidence": "CONFIRMED",
"scope": "UNCHANGED",
"temporalScore": 6.4,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:H/E:H/RL:U/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-352",
"description": "CWE-352 Cross-Site Request Forgery",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-25T00:00:00.000Z",
"orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"shortName": "Ping Identity"
},
"references": [
{
"url": "https://docs.pingidentity.com/r/en-us/pingfederate-110/fll1675188537050"
}
],
"source": {
"advisory": "SECADV033",
"defect": [
"PF-32805"
],
"discovery": "INTERNAL"
},
"title": "Cross-Site Request Forgery on PingFederate Local Identity Profiles Endpoint."
}
},
"cveMetadata": {
"assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"assignerShortName": "Ping Identity",
"cveId": "CVE-2022-40724",
"datePublished": "2023-04-25T00:00:00.000Z",
"dateReserved": "2022-09-14T00:00:00.000Z",
"dateUpdated": "2025-02-04T14:48:33.050Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-23721 (GCVE-0-2022-23721)
Vulnerability from cvelistv5 – Published: 2023-04-25 00:00 – Updated: 2025-02-04 14:49
VLAI?
Summary
PingID integration for Windows login prior to 2.9 does not handle duplicate usernames, which can lead to a username collision when two people with the same username are provisioned onto the same machine at different times.
Severity ?
CWE
- CWE-694 - Use of Multiple Resources with Duplicate Identifier
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Ping Identity | unspecified |
Affected:
2.9 , < 2.9
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:51:45.944Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://docs.pingidentity.com/r/en-us/pingid/davinci_pingid_windows_login_relnotes_2.9"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-23721",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-04T14:49:35.874858Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-04T14:49:49.619Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "unspecified",
"vendor": "Ping Identity",
"versions": [
{
"lessThan": "2.9",
"status": "affected",
"version": "2.9",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "PingID integration for Windows login prior to 2.9 does not handle duplicate usernames, which can lead to a username collision when two people with the same username are provisioned onto the same machine at different times."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 3.8,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-694",
"description": "CWE-694 Use of Multiple Resources with Duplicate Identifier",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-25T00:00:00.000Z",
"orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"shortName": "Ping Identity"
},
"references": [
{
"url": "https://docs.pingidentity.com/r/en-us/pingid/davinci_pingid_windows_login_relnotes_2.9"
}
],
"source": {
"advisory": "SECADV034",
"defect": [
"PIM-3485"
],
"discovery": "INTERNAL"
},
"title": "PingID integration for Windows login duplicate username collision."
}
},
"cveMetadata": {
"assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"assignerShortName": "Ping Identity",
"cveId": "CVE-2022-23721",
"datePublished": "2023-04-25T00:00:00.000Z",
"dateReserved": "2022-01-19T00:00:00.000Z",
"dateUpdated": "2025-02-04T14:49:49.619Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-40722 (GCVE-0-2022-40722)
Vulnerability from cvelistv5 – Published: 2023-04-25 00:00 – Updated: 2025-02-04 14:49
VLAI?
Summary
A misconfiguration of RSA padding implemented in the PingID Adapter for PingFederate to support Offline MFA with PingID mobile authenticators is vulnerable to pre-computed dictionary attacks, leading to a bypass of offline MFA.
Severity ?
7.7 (High)
CWE
- CWE-780 - Use of RSA Algorithm without OAEP
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Ping Identity | PingID Adapter for PingFederate |
Affected:
2.13.2 , < 2.13.2
(custom)
|
||||||||||||
|
||||||||||||||
Credits
Ping Identity credits The Commonwealth Bank of Australia for the discovery of this vulnerability.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T12:21:46.770Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://docs.pingidentity.com/r/en-us/pingid/pingid_integration_kit_2_20_rn"
},
{
"tags": [
"x_transferred"
],
"url": "https://docs.pingidentity.com/r/en-us/pingid/pingid_adapter_configuring_offline_mfa"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-40722",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-04T14:49:10.680225Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-04T14:49:20.723Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "PingID Adapter for PingFederate",
"vendor": "Ping Identity",
"versions": [
{
"lessThan": "2.13.2",
"status": "affected",
"version": "2.13.2",
"versionType": "custom"
}
]
},
{
"product": "PingID Integration Kit (includes PingID Adapter)",
"vendor": "Ping Identity",
"versions": [
{
"lessThan": "2.24",
"status": "affected",
"version": "2.24",
"versionType": "custom"
}
]
},
{
"product": "PingFederate (includes PingID Adapter)",
"vendor": "Ping Identity",
"versions": [
{
"lessThan": "11.1.0*",
"status": "affected",
"version": "11.1.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "11.1.5",
"status": "affected",
"version": "11.1.5",
"versionType": "custom"
},
{
"lessThan": "11.2.0*",
"status": "affected",
"version": "11.2.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "11.2.2",
"status": "affected",
"version": "11.2.2",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Ping Identity credits The Commonwealth Bank of Australia for the discovery of this vulnerability."
}
],
"descriptions": [
{
"lang": "en",
"value": "A misconfiguration of RSA padding implemented in the PingID Adapter for PingFederate to support Offline MFA with PingID mobile authenticators is vulnerable to pre-computed dictionary attacks, leading to a bypass of offline MFA."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-780",
"description": "CWE-780 Use of RSA Algorithm without OAEP",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-25T00:00:00.000Z",
"orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"shortName": "Ping Identity"
},
"references": [
{
"url": "https://docs.pingidentity.com/r/en-us/pingid/pingid_integration_kit_2_20_rn"
},
{
"url": "https://docs.pingidentity.com/r/en-us/pingid/pingid_adapter_configuring_offline_mfa"
}
],
"source": {
"advisory": "SECADV035",
"defect": [
"PIM-2677"
],
"discovery": "INTERNAL"
},
"title": "Misconfiguration of RSA padding for offline MFA in the PingID Adapter for PingFederate."
}
},
"cveMetadata": {
"assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"assignerShortName": "Ping Identity",
"cveId": "CVE-2022-40722",
"datePublished": "2023-04-25T00:00:00.000Z",
"dateReserved": "2022-09-14T00:00:00.000Z",
"dateUpdated": "2025-02-04T14:49:20.723Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-40723 (GCVE-0-2022-40723)
Vulnerability from cvelistv5 – Published: 2023-04-25 00:00 – Updated: 2025-02-04 14:48
VLAI?
Summary
The PingID RADIUS PCV adapter for PingFederate, which supports RADIUS authentication with PingID MFA, is vulnerable to MFA bypass under certain configurations.
Severity ?
CWE
- CWE-305 - Authentication Bypass by Primary Weakness
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Ping Identity | PingID Radius PCV |
Affected:
2.10.0
Affected: 3.0.0 , < 3.0.0* (custom) Affected: 3.0.2 , ≤ 3.0.2 (custom) |
||||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T12:21:46.787Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://docs.pingidentity.com/r/en-us/pingid/pingid_integration_kit_2_19_rn"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-40723",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-04T14:48:50.451839Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-04T14:48:54.313Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "PingID Radius PCV",
"vendor": "Ping Identity",
"versions": [
{
"status": "affected",
"version": "2.10.0"
},
{
"lessThan": "3.0.0*",
"status": "affected",
"version": "3.0.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "3.0.2",
"status": "affected",
"version": "3.0.2",
"versionType": "custom"
}
]
},
{
"product": "PingID Integration Kit (includes Radius PCV)",
"vendor": "Ping Identity",
"versions": [
{
"lessThan": "2.24",
"status": "affected",
"version": "2.24",
"versionType": "custom"
}
]
},
{
"product": "PingFederate (includes Radius PCV)",
"vendor": "Ping Identity",
"versions": [
{
"lessThan": "11.1.0*",
"status": "affected",
"version": "11.1.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "11.1.5",
"status": "affected",
"version": "11.1.5",
"versionType": "custom"
},
{
"lessThan": "11.2.0*",
"status": "affected",
"version": "11.2.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "11.2.2",
"status": "affected",
"version": "11.2.2",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The PingID RADIUS PCV adapter for PingFederate, which supports RADIUS authentication with PingID MFA, is vulnerable to MFA bypass under certain configurations."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitCodeMaturity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"remediationLevel": "UNAVAILABLE",
"reportConfidence": "CONFIRMED",
"scope": "UNCHANGED",
"temporalScore": 6.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:H/RL:U/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-305",
"description": "CWE-305 Authentication Bypass by Primary Weakness",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-25T00:00:00.000Z",
"orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"shortName": "Ping Identity"
},
"references": [
{
"url": "https://docs.pingidentity.com/r/en-us/pingid/pingid_integration_kit_2_19_rn"
}
],
"source": {
"advisory": "SECADV035",
"defect": [
"PIM-3774"
],
"discovery": "INTERNAL"
},
"title": "Configuration-based MFA Bypass in PingID RADIUS PCV."
}
},
"cveMetadata": {
"assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"assignerShortName": "Ping Identity",
"cveId": "CVE-2022-40723",
"datePublished": "2023-04-25T00:00:00.000Z",
"dateReserved": "2022-09-14T00:00:00.000Z",
"dateUpdated": "2025-02-04T14:48:54.313Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-40725 (GCVE-0-2022-40725)
Vulnerability from cvelistv5 – Published: 2023-04-25 00:00 – Updated: 2025-02-04 14:47
VLAI?
Summary
PingID Desktop prior to the latest released version 1.7.4 contains a vulnerability that can be exploited to bypass the maximum PIN attempts permitted before the time-based lockout is activated.
Severity ?
7.3 (High)
CWE
- CWE-288 - Authentication Bypass Using an Alternate Path or Channel
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Ping Identity | PingID Desktop for Windows |
Affected:
1.7.4 , < 1.7.4
(custom)
|
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T12:21:46.675Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://docs.pingidentity.com/r/en-us/pingid/desktop_app_1.7.4"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-40725",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-04T14:44:35.689933Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-04T14:47:46.579Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "PingID Desktop for Windows",
"vendor": "Ping Identity",
"versions": [
{
"lessThan": "1.7.4",
"status": "affected",
"version": "1.7.4",
"versionType": "custom"
}
]
},
{
"product": "PingID Desktop for macOS",
"vendor": "Ping Identity",
"versions": [
{
"lessThan": "1.7.4",
"status": "affected",
"version": "1.7.4",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "PingID Desktop prior to the latest released version 1.7.4 contains a vulnerability that can be exploited to bypass the maximum PIN attempts permitted before the time-based lockout is activated."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-288",
"description": "CWE-288 Authentication Bypass Using an Alternate Path or Channel",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-25T00:00:00.000Z",
"orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"shortName": "Ping Identity"
},
"references": [
{
"url": "https://docs.pingidentity.com/r/en-us/pingid/desktop_app_1.7.4"
}
],
"source": {
"advisory": "SECADV032",
"defect": [
"PIM-4145"
],
"discovery": "EXTERNAL"
},
"title": "PingID Desktop PIN attempt lockout bypass."
}
},
"cveMetadata": {
"assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"assignerShortName": "Ping Identity",
"cveId": "CVE-2022-40725",
"datePublished": "2023-04-25T00:00:00.000Z",
"dateReserved": "2022-09-14T00:00:00.000Z",
"dateUpdated": "2025-02-04T14:47:46.579Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-25084 (GCVE-0-2018-25084)
Vulnerability from cvelistv5 – Published: 2023-04-10 18:00 – Updated: 2024-08-05 12:33
VLAI?
Summary
A vulnerability, which was classified as problematic, has been found in Ping Identity Self-Service Account Manager 1.1.2. Affected by this issue is some unknown functionality of the file src/main/java/com/unboundid/webapp/ssam/SSAMController.java. The manipulation leads to cross site scripting. The attack may be launched remotely. Upgrading to version 1.1.3 is able to address this issue. The patch is identified as f64b10d63bb19ca2228b0c2d561a1a6e5a3bf251. It is recommended to upgrade the affected component. VDB-225362 is the identifier assigned to this vulnerability.
Severity ?
CWE
- CWE-79 - Cross Site Scripting
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Ping Identity | Self-Service Account Manager |
Affected:
1.1.2
|
Credits
VulDB GitHub Commit Analyzer
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T12:33:47.869Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description",
"x_transferred"
],
"url": "https://vuldb.com/?id.225362"
},
{
"tags": [
"signature",
"permissions-required",
"x_transferred"
],
"url": "https://vuldb.com/?ctiid.225362"
},
{
"tags": [
"patch",
"x_transferred"
],
"url": "https://github.com/pingidentity/ssam/commit/f64b10d63bb19ca2228b0c2d561a1a6e5a3bf251"
},
{
"tags": [
"patch",
"x_transferred"
],
"url": "https://github.com/pingidentity/ssam/releases/tag/ssam-1.1.3"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Self-Service Account Manager",
"vendor": "Ping Identity",
"versions": [
{
"status": "affected",
"version": "1.1.2"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "tool",
"value": "VulDB GitHub Commit Analyzer"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as problematic, has been found in Ping Identity Self-Service Account Manager 1.1.2. Affected by this issue is some unknown functionality of the file src/main/java/com/unboundid/webapp/ssam/SSAMController.java. The manipulation leads to cross site scripting. The attack may be launched remotely. Upgrading to version 1.1.3 is able to address this issue. The patch is identified as f64b10d63bb19ca2228b0c2d561a1a6e5a3bf251. It is recommended to upgrade the affected component. VDB-225362 is the identifier assigned to this vulnerability."
},
{
"lang": "de",
"value": "Eine problematische Schwachstelle wurde in Ping Identity Self-Service Account Manager 1.1.2 entdeckt. Dies betrifft einen unbekannten Teil der Datei src/main/java/com/unboundid/webapp/ssam/SSAMController.java. Mittels dem Manipulieren mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk passieren. Ein Aktualisieren auf die Version 1.1.3 vermag dieses Problem zu l\u00f6sen. Der Patch wird als f64b10d63bb19ca2228b0c2d561a1a6e5a3bf251 bezeichnet. Als bestm\u00f6gliche Massnahme wird das Einspielen eines Upgrades empfohlen."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 3.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 3.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Cross Site Scripting",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-20T12:37:17.986Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.225362"
},
{
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.225362"
},
{
"tags": [
"patch"
],
"url": "https://github.com/pingidentity/ssam/commit/f64b10d63bb19ca2228b0c2d561a1a6e5a3bf251"
},
{
"tags": [
"patch"
],
"url": "https://github.com/pingidentity/ssam/releases/tag/ssam-1.1.3"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-04-09T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2023-04-09T00:00:00.000Z",
"value": "CVE reserved"
},
{
"lang": "en",
"time": "2023-04-09T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2023-04-26T12:40:41.000Z",
"value": "VulDB entry last update"
}
],
"title": "Ping Identity Self-Service Account Manager SSAMController.java cross site scripting"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2018-25084",
"datePublished": "2023-04-10T18:00:05.570Z",
"dateReserved": "2023-04-09T07:51:03.562Z",
"dateUpdated": "2024-08-05T12:33:47.869Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-23726 (GCVE-0-2022-23726)
Vulnerability from cvelistv5 – Published: 2022-09-30 14:35 – Updated: 2025-05-20 16:02
VLAI?
Summary
PingCentral versions prior to listed versions expose Spring Boot actuator endpoints that with administrative authentication return large amounts of sensitive environmental and application information.
Severity ?
5.4 (Medium)
CWE
- CWE-200 - Information Exposure
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Ping Identity | PingCentral |
Affected:
1.10 , < 1.10
(custom)
Affected: 1.9 , < 1.9.3 (custom) Affected: 1.8 , < 1.8.4 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:51:45.964Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.pingidentity.com/en/resources/downloads/pingcentral.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://docs.pingidentity.com/bundle/pingcentral-110/page/sdd1651696160285.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-23726",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-20T16:01:58.211864Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-20T16:02:08.159Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"platforms": [
"java"
],
"product": "PingCentral",
"vendor": "Ping Identity",
"versions": [
{
"lessThan": "1.10",
"status": "affected",
"version": "1.10",
"versionType": "custom"
},
{
"lessThan": "1.9.3",
"status": "affected",
"version": "1.9",
"versionType": "custom"
},
{
"lessThan": "1.8.4",
"status": "affected",
"version": "1.8",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-09-30T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "PingCentral versions prior to listed versions expose Spring Boot actuator endpoints that with administrative authentication return large amounts of sensitive environmental and application information."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Information Exposure",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-30T14:35:08.000Z",
"orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"shortName": "Ping Identity"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.pingidentity.com/en/resources/downloads/pingcentral.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://docs.pingidentity.com/bundle/pingcentral-110/page/sdd1651696160285.html"
}
],
"source": {
"advisory": "SECBL022",
"defect": [
"PingCentral",
"Spring",
"Boot",
"actuators",
"may",
"disclosure",
"sensitive",
"information"
],
"discovery": "INTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "responsible-disclosure@pingidentity.com",
"DATE_PUBLIC": "2022-09-30T12:00:00.000Z",
"ID": "CVE-2022-23726",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "PingCentral",
"version": {
"version_data": [
{
"platform": "java",
"version_affected": "\u003c",
"version_name": "1.10",
"version_value": "1.10"
},
{
"platform": "java",
"version_affected": "\u003c",
"version_name": "1.9",
"version_value": "1.9.3"
},
{
"platform": "java",
"version_affected": "\u003c",
"version_name": "1.8",
"version_value": "1.8.4"
}
]
}
}
]
},
"vendor_name": "Ping Identity"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PingCentral versions prior to listed versions expose Spring Boot actuator endpoints that with administrative authentication return large amounts of sensitive environmental and application information."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-200 Information Exposure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.pingidentity.com/en/resources/downloads/pingcentral.html",
"refsource": "MISC",
"url": "https://www.pingidentity.com/en/resources/downloads/pingcentral.html"
},
{
"name": "https://docs.pingidentity.com/bundle/pingcentral-110/page/sdd1651696160285.html",
"refsource": "CONFIRM",
"url": "https://docs.pingidentity.com/bundle/pingcentral-110/page/sdd1651696160285.html"
}
]
},
"source": {
"advisory": "SECBL022",
"defect": [
"PingCentral",
"Spring",
"Boot",
"actuators",
"may",
"disclosure",
"sensitive",
"information"
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"assignerShortName": "Ping Identity",
"cveId": "CVE-2022-23726",
"datePublished": "2022-09-30T14:35:09.086Z",
"dateReserved": "2022-01-19T00:00:00.000Z",
"dateUpdated": "2025-05-20T16:02:08.159Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-23725 (GCVE-0-2022-23725)
Vulnerability from cvelistv5 – Published: 2022-06-30 19:25 – Updated: 2024-08-03 03:51
VLAI?
Summary
PingID Windows Login prior to 2.8 does not properly set permissions on the Windows Registry entries used to store sensitive API keys under some circumstances.
Severity ?
7.7 (High)
CWE
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Ping Identity | PingID Windows Login |
Affected:
unspecified , < 2.8
(custom)
|
Credits
Ping Identity credits The Commonwealth Bank of Australia for the discovery of this vulnerability.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:51:46.172Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.pingidentity.com/en/resources/downloads/pingid.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://docs.pingidentity.com/bundle/pingid/page/zhy1653552428545.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"Windows"
],
"product": "PingID Windows Login",
"vendor": "Ping Identity",
"versions": [
{
"lessThan": "2.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Ping Identity credits The Commonwealth Bank of Australia for the discovery of this vulnerability."
}
],
"descriptions": [
{
"lang": "en",
"value": "PingID Windows Login prior to 2.8 does not properly set permissions on the Windows Registry entries used to store sensitive API keys under some circumstances."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-522",
"description": "CWE-522 Insufficiently Protected Credentials",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-288",
"description": "CWE-288 Authentication Bypass Using an Alternate Path or Channel",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-30T19:25:46",
"orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"shortName": "Ping Identity"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.pingidentity.com/en/resources/downloads/pingid.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://docs.pingidentity.com/bundle/pingid/page/zhy1653552428545.html"
}
],
"source": {
"advisory": "SECADV031",
"discovery": "EXTERNAL"
},
"title": "PingID Windows Login prior to 2.8 does not properly set permissions on the Windows Registry entries used to store sensitive API keys under some circumstances",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "responsible-disclosure@pingidentity.com",
"ID": "CVE-2022-23725",
"STATE": "PUBLIC",
"TITLE": "PingID Windows Login prior to 2.8 does not properly set permissions on the Windows Registry entries used to store sensitive API keys under some circumstances"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "PingID Windows Login",
"version": {
"version_data": [
{
"platform": "Windows",
"version_affected": "\u003c",
"version_value": "2.8"
}
]
}
}
]
},
"vendor_name": "Ping Identity"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Ping Identity credits The Commonwealth Bank of Australia for the discovery of this vulnerability."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PingID Windows Login prior to 2.8 does not properly set permissions on the Windows Registry entries used to store sensitive API keys under some circumstances."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-522 Insufficiently Protected Credentials"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-288 Authentication Bypass Using an Alternate Path or Channel"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.pingidentity.com/en/resources/downloads/pingid.html",
"refsource": "MISC",
"url": "https://www.pingidentity.com/en/resources/downloads/pingid.html"
},
{
"name": "https://docs.pingidentity.com/bundle/pingid/page/zhy1653552428545.html",
"refsource": "MISC",
"url": "https://docs.pingidentity.com/bundle/pingid/page/zhy1653552428545.html"
}
]
},
"source": {
"advisory": "SECADV031",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"assignerShortName": "Ping Identity",
"cveId": "CVE-2022-23725",
"datePublished": "2022-06-30T19:25:46",
"dateReserved": "2022-01-19T00:00:00",
"dateUpdated": "2024-08-03T03:51:46.172Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-23720 (GCVE-0-2022-23720)
Vulnerability from cvelistv5 – Published: 2022-06-30 19:25 – Updated: 2024-08-03 03:51
VLAI?
Summary
PingID Windows Login prior to 2.8 does not alert or halt operation if it has been provisioned with the full permissions PingID properties file. An IT administrator could mistakenly deploy administrator privileged PingID API credentials, such as those typically used by PingFederate, into PingID Windows Login user endpoints. Using sensitive full permissions properties file outside of a privileged trust boundary leads to an increased risk of exposure or discovery, and an attacker could leverage these credentials to perform administrative actions against PingID APIs or endpoints.
Severity ?
7.5 (High)
CWE
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Ping Identity | PingID Windows Login |
Affected:
unspecified , < 2.8
(custom)
|
Credits
Ping Identity credits The Commonwealth Bank of Australia for the discovery of this vulnerability.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:51:45.962Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.pingidentity.com/en/resources/downloads/pingid.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://docs.pingidentity.com/bundle/pingid/page/zhy1653552428545.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"Windows"
],
"product": "PingID Windows Login",
"vendor": "Ping Identity",
"versions": [
{
"lessThan": "2.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Ping Identity credits The Commonwealth Bank of Australia for the discovery of this vulnerability."
}
],
"descriptions": [
{
"lang": "en",
"value": "PingID Windows Login prior to 2.8 does not alert or halt operation if it has been provisioned with the full permissions PingID properties file. An IT administrator could mistakenly deploy administrator privileged PingID API credentials, such as those typically used by PingFederate, into PingID Windows Login user endpoints. Using sensitive full permissions properties file outside of a privileged trust boundary leads to an increased risk of exposure or discovery, and an attacker could leverage these credentials to perform administrative actions against PingID APIs or endpoints."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-648",
"description": "CWE-648 Incorrect Use of Privileged APIs",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-288",
"description": "CWE-288 Authentication Bypass Using an Alternate Path or Channel",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-30T19:25:41",
"orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"shortName": "Ping Identity"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.pingidentity.com/en/resources/downloads/pingid.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://docs.pingidentity.com/bundle/pingid/page/zhy1653552428545.html"
}
],
"source": {
"advisory": "SECADV031",
"discovery": "EXTERNAL"
},
"title": "PingID Windows Login prior to 2.8 does not alert or halt operation if it has been provisioned with the full permissions PingID properties file",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "responsible-disclosure@pingidentity.com",
"ID": "CVE-2022-23720",
"STATE": "PUBLIC",
"TITLE": "PingID Windows Login prior to 2.8 does not alert or halt operation if it has been provisioned with the full permissions PingID properties file"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "PingID Windows Login",
"version": {
"version_data": [
{
"platform": "Windows",
"version_affected": "\u003c",
"version_value": "2.8"
}
]
}
}
]
},
"vendor_name": "Ping Identity"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Ping Identity credits The Commonwealth Bank of Australia for the discovery of this vulnerability."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PingID Windows Login prior to 2.8 does not alert or halt operation if it has been provisioned with the full permissions PingID properties file. An IT administrator could mistakenly deploy administrator privileged PingID API credentials, such as those typically used by PingFederate, into PingID Windows Login user endpoints. Using sensitive full permissions properties file outside of a privileged trust boundary leads to an increased risk of exposure or discovery, and an attacker could leverage these credentials to perform administrative actions against PingID APIs or endpoints."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-648 Incorrect Use of Privileged APIs"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-288 Authentication Bypass Using an Alternate Path or Channel"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.pingidentity.com/en/resources/downloads/pingid.html",
"refsource": "MISC",
"url": "https://www.pingidentity.com/en/resources/downloads/pingid.html"
},
{
"name": "https://docs.pingidentity.com/bundle/pingid/page/zhy1653552428545.html",
"refsource": "MISC",
"url": "https://docs.pingidentity.com/bundle/pingid/page/zhy1653552428545.html"
}
]
},
"source": {
"advisory": "SECADV031",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"assignerShortName": "Ping Identity",
"cveId": "CVE-2022-23720",
"datePublished": "2022-06-30T19:25:41",
"dateReserved": "2022-01-19T00:00:00",
"dateUpdated": "2024-08-03T03:51:45.962Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-23719 (GCVE-0-2022-23719)
Vulnerability from cvelistv5 – Published: 2022-06-30 19:25 – Updated: 2024-08-03 03:51
VLAI?
Summary
PingID Windows Login prior to 2.8 does not authenticate communication with a local Java service used to capture security key requests. An attacker with the ability to execute code on the target machine maybe able to exploit and spoof the local Java service using multiple attack vectors. A successful attack can lead to code executed as SYSTEM by the PingID Windows Login application, or even a denial of service for offline security key authentication.
Severity ?
7.2 (High)
CWE
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Ping Identity | PingID Windows Login |
Affected:
unspecified , < 2.8
(custom)
|
Credits
Ping Identity credits The Commonwealth Bank of Australia for the discovery of this vulnerability.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:51:46.025Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.pingidentity.com/en/resources/downloads/pingid.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://docs.pingidentity.com/bundle/pingid/page/zhy1653552428545.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"Windows"
],
"product": "PingID Windows Login",
"vendor": "Ping Identity",
"versions": [
{
"lessThan": "2.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Ping Identity credits The Commonwealth Bank of Australia for the discovery of this vulnerability."
}
],
"descriptions": [
{
"lang": "en",
"value": "PingID Windows Login prior to 2.8 does not authenticate communication with a local Java service used to capture security key requests. An attacker with the ability to execute code on the target machine maybe able to exploit and spoof the local Java service using multiple attack vectors. A successful attack can lead to code executed as SYSTEM by the PingID Windows Login application, or even a denial of service for offline security key authentication."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-310",
"description": "CWE-310 Cryptographic Issues",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-288",
"description": "CWE-288 Authentication Bypass Using an Alternate Path or Channel",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-30T19:25:35",
"orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"shortName": "Ping Identity"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.pingidentity.com/en/resources/downloads/pingid.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://docs.pingidentity.com/bundle/pingid/page/zhy1653552428545.html"
}
],
"source": {
"advisory": "SECADV031",
"discovery": "EXTERNAL"
},
"title": "PingID Windows Login prior to 2.8 does not authenticate communication with a local Java service used to capture security key requests",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "responsible-disclosure@pingidentity.com",
"ID": "CVE-2022-23719",
"STATE": "PUBLIC",
"TITLE": "PingID Windows Login prior to 2.8 does not authenticate communication with a local Java service used to capture security key requests"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "PingID Windows Login",
"version": {
"version_data": [
{
"platform": "Windows",
"version_affected": "\u003c",
"version_value": "2.8"
}
]
}
}
]
},
"vendor_name": "Ping Identity"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Ping Identity credits The Commonwealth Bank of Australia for the discovery of this vulnerability."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PingID Windows Login prior to 2.8 does not authenticate communication with a local Java service used to capture security key requests. An attacker with the ability to execute code on the target machine maybe able to exploit and spoof the local Java service using multiple attack vectors. A successful attack can lead to code executed as SYSTEM by the PingID Windows Login application, or even a denial of service for offline security key authentication."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-310 Cryptographic Issues"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-288 Authentication Bypass Using an Alternate Path or Channel"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.pingidentity.com/en/resources/downloads/pingid.html",
"refsource": "MISC",
"url": "https://www.pingidentity.com/en/resources/downloads/pingid.html"
},
{
"name": "https://docs.pingidentity.com/bundle/pingid/page/zhy1653552428545.html",
"refsource": "MISC",
"url": "https://docs.pingidentity.com/bundle/pingid/page/zhy1653552428545.html"
}
]
},
"source": {
"advisory": "SECADV031",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"assignerShortName": "Ping Identity",
"cveId": "CVE-2022-23719",
"datePublished": "2022-06-30T19:25:35",
"dateReserved": "2022-01-19T00:00:00",
"dateUpdated": "2024-08-03T03:51:46.025Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-23718 (GCVE-0-2022-23718)
Vulnerability from cvelistv5 – Published: 2022-06-30 19:25 – Updated: 2024-08-03 03:51
VLAI?
Summary
PingID Windows Login prior to 2.8 uses known vulnerable components that can lead to remote code execution. An attacker capable of achieving a sophisticated man-in-the-middle position, or to compromise Ping Identity web servers, could deliver malicious code that would be executed as SYSTEM by the PingID Windows Login application.
Severity ?
7.6 (High)
CWE
- CWE-1352 - OWASP Top Ten 2021 Category A06:2021 - Vulnerable and Outdated Components
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Ping Identity | PingID Windows Login |
Affected:
unspecified , < 2.8
(custom)
|
Credits
Ping Identity credits The Commonwealth Bank of Australia for the discovery of this vulnerability.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:51:46.036Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.pingidentity.com/en/resources/downloads/pingid.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://docs.pingidentity.com/bundle/pingid/page/zhy1653552428545.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"Windows"
],
"product": "PingID Windows Login",
"vendor": "Ping Identity",
"versions": [
{
"lessThan": "2.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Ping Identity credits The Commonwealth Bank of Australia for the discovery of this vulnerability."
}
],
"descriptions": [
{
"lang": "en",
"value": "PingID Windows Login prior to 2.8 uses known vulnerable components that can lead to remote code execution. An attacker capable of achieving a sophisticated man-in-the-middle position, or to compromise Ping Identity web servers, could deliver malicious code that would be executed as SYSTEM by the PingID Windows Login application."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1352",
"description": "CWE-1352 OWASP Top Ten 2021 Category A06:2021 - Vulnerable and Outdated Components",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-30T19:25:30",
"orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"shortName": "Ping Identity"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.pingidentity.com/en/resources/downloads/pingid.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://docs.pingidentity.com/bundle/pingid/page/zhy1653552428545.html"
}
],
"source": {
"advisory": "SECADV031",
"discovery": "EXTERNAL"
},
"title": "PingID Windows Login prior to 2.8 uses known vulnerable components that can lead to remote code execution",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "responsible-disclosure@pingidentity.com",
"ID": "CVE-2022-23718",
"STATE": "PUBLIC",
"TITLE": "PingID Windows Login prior to 2.8 uses known vulnerable components that can lead to remote code execution"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "PingID Windows Login",
"version": {
"version_data": [
{
"platform": "Windows",
"version_affected": "\u003c",
"version_value": "2.8"
}
]
}
}
]
},
"vendor_name": "Ping Identity"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Ping Identity credits The Commonwealth Bank of Australia for the discovery of this vulnerability."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PingID Windows Login prior to 2.8 uses known vulnerable components that can lead to remote code execution. An attacker capable of achieving a sophisticated man-in-the-middle position, or to compromise Ping Identity web servers, could deliver malicious code that would be executed as SYSTEM by the PingID Windows Login application."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-1352 OWASP Top Ten 2021 Category A06:2021 - Vulnerable and Outdated Components"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.pingidentity.com/en/resources/downloads/pingid.html",
"refsource": "MISC",
"url": "https://www.pingidentity.com/en/resources/downloads/pingid.html"
},
{
"name": "https://docs.pingidentity.com/bundle/pingid/page/zhy1653552428545.html",
"refsource": "MISC",
"url": "https://docs.pingidentity.com/bundle/pingid/page/zhy1653552428545.html"
}
]
},
"source": {
"advisory": "SECADV031",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"assignerShortName": "Ping Identity",
"cveId": "CVE-2022-23718",
"datePublished": "2022-06-30T19:25:30",
"dateReserved": "2022-01-19T00:00:00",
"dateUpdated": "2024-08-03T03:51:46.036Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-23717 (GCVE-0-2022-23717)
Vulnerability from cvelistv5 – Published: 2022-06-30 19:25 – Updated: 2024-08-03 03:51
VLAI?
Summary
PingID Windows Login prior to 2.8 is vulnerable to a denial of service condition on local machines when combined with using offline security keys as part of authentication.
Severity ?
5 (Medium)
CWE
- CWE-404 - Improper Resource Shutdown or Release
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Ping Identity | PingID Windows Login |
Affected:
unspecified , < 2.8
(custom)
|
Credits
Ping Identity credits The Commonwealth Bank of Australia for the discovery of this vulnerability.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:51:45.972Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.pingidentity.com/en/resources/downloads/pingid.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://docs.pingidentity.com/bundle/pingid/page/zhy1653552428545.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"Windows"
],
"product": "PingID Windows Login",
"vendor": "Ping Identity",
"versions": [
{
"lessThan": "2.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Ping Identity credits The Commonwealth Bank of Australia for the discovery of this vulnerability."
}
],
"descriptions": [
{
"lang": "en",
"value": "PingID Windows Login prior to 2.8 is vulnerable to a denial of service condition on local machines when combined with using offline security keys as part of authentication."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-404",
"description": "CWE-404 Improper Resource Shutdown or Release",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-30T19:25:27",
"orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"shortName": "Ping Identity"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.pingidentity.com/en/resources/downloads/pingid.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://docs.pingidentity.com/bundle/pingid/page/zhy1653552428545.html"
}
],
"source": {
"advisory": "SECADV031",
"discovery": "EXTERNAL"
},
"title": "PingID Windows Login prior to 2.8 denial of service condition",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "responsible-disclosure@pingidentity.com",
"ID": "CVE-2022-23717",
"STATE": "PUBLIC",
"TITLE": "PingID Windows Login prior to 2.8 denial of service condition"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "PingID Windows Login",
"version": {
"version_data": [
{
"platform": "Windows",
"version_affected": "\u003c",
"version_value": "2.8"
}
]
}
}
]
},
"vendor_name": "Ping Identity"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Ping Identity credits The Commonwealth Bank of Australia for the discovery of this vulnerability."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PingID Windows Login prior to 2.8 is vulnerable to a denial of service condition on local machines when combined with using offline security keys as part of authentication."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-404 Improper Resource Shutdown or Release"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.pingidentity.com/en/resources/downloads/pingid.html",
"refsource": "MISC",
"url": "https://www.pingidentity.com/en/resources/downloads/pingid.html"
},
{
"name": "https://docs.pingidentity.com/bundle/pingid/page/zhy1653552428545.html",
"refsource": "MISC",
"url": "https://docs.pingidentity.com/bundle/pingid/page/zhy1653552428545.html"
}
]
},
"source": {
"advisory": "SECADV031",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"assignerShortName": "Ping Identity",
"cveId": "CVE-2022-23717",
"datePublished": "2022-06-30T19:25:27",
"dateReserved": "2022-01-19T00:00:00",
"dateUpdated": "2024-08-03T03:51:45.972Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-41995 (GCVE-0-2021-41995)
Vulnerability from cvelistv5 – Published: 2022-06-30 19:25 – Updated: 2024-08-04 03:22
VLAI?
Summary
A misconfiguration of RSA in PingID Mac Login prior to 1.1 is vulnerable to pre-computed dictionary attacks, leading to an offline MFA bypass.
Severity ?
7.7 (High)
CWE
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Ping Identity | PingID Mac Login |
Affected:
unspecified , < 1.1
(custom)
|
Credits
Ping Identity credits The Commonwealth Bank of Australia for the discovery of this vulnerability.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T03:22:25.641Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.pingidentity.com/en/resources/downloads/pingid.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://docs.pingidentity.com/bundle/pingid/page/hnh1653583508549.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"macOS"
],
"product": "PingID Mac Login",
"vendor": "Ping Identity",
"versions": [
{
"lessThan": "1.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Ping Identity credits The Commonwealth Bank of Australia for the discovery of this vulnerability."
}
],
"descriptions": [
{
"lang": "en",
"value": "A misconfiguration of RSA in PingID Mac Login prior to 1.1 is vulnerable to pre-computed dictionary attacks, leading to an offline MFA bypass."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-310",
"description": "CWE-310 Cryptographic Issues",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-288",
"description": "CWE-288 Authentication Bypass Using an Alternate Path or Channel",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-30T19:25:23",
"orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"shortName": "Ping Identity"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.pingidentity.com/en/resources/downloads/pingid.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://docs.pingidentity.com/bundle/pingid/page/hnh1653583508549.html"
}
],
"source": {
"advisory": "SECADV031",
"discovery": "EXTERNAL"
},
"title": "PingID Mac Login prior to 1.1 vulnerable to pre-computed dictionary attacks",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "responsible-disclosure@pingidentity.com",
"ID": "CVE-2021-41995",
"STATE": "PUBLIC",
"TITLE": "PingID Mac Login prior to 1.1 vulnerable to pre-computed dictionary attacks"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "PingID Mac Login",
"version": {
"version_data": [
{
"platform": "macOS",
"version_affected": "\u003c",
"version_value": "1.1"
}
]
}
}
]
},
"vendor_name": "Ping Identity"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Ping Identity credits The Commonwealth Bank of Australia for the discovery of this vulnerability."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A misconfiguration of RSA in PingID Mac Login prior to 1.1 is vulnerable to pre-computed dictionary attacks, leading to an offline MFA bypass."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-310 Cryptographic Issues"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-288 Authentication Bypass Using an Alternate Path or Channel"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.pingidentity.com/en/resources/downloads/pingid.html",
"refsource": "MISC",
"url": "https://www.pingidentity.com/en/resources/downloads/pingid.html"
},
{
"name": "https://docs.pingidentity.com/bundle/pingid/page/hnh1653583508549.html",
"refsource": "MISC",
"url": "https://docs.pingidentity.com/bundle/pingid/page/hnh1653583508549.html"
}
]
},
"source": {
"advisory": "SECADV031",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"assignerShortName": "Ping Identity",
"cveId": "CVE-2021-41995",
"datePublished": "2022-06-30T19:25:23",
"dateReserved": "2021-10-04T00:00:00",
"dateUpdated": "2024-08-04T03:22:25.641Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-23724 (GCVE-0-2022-23724)
Vulnerability from cvelistv5 – Published: 2022-05-04 16:30 – Updated: 2024-08-03 03:51
VLAI?
Summary
Use of static encryption key material allows forging an authentication token to other users within a tenant organization. MFA may be bypassed by redirecting an authentication flow to a target user. To exploit the vulnerability, must have compromised user credentials.
Severity ?
6.4 (Medium)
CWE
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Ping Identity | PingID Integration for Windows Login |
Affected:
unspecified , ≤ 2.4.1
(custom)
|
Credits
Ping Identity credits Julian Scionti for the discovery and responsible disclosure of this vulnerability.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:51:46.013Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.pingidentity.com/en/resources/downloads/pingid.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://docs.pingidentity.com/bundle/pingid/page/xqz1597139945488.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "PingID Integration for Windows Login",
"vendor": "Ping Identity",
"versions": [
{
"lessThanOrEqual": "2.4.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Ping Identity credits Julian Scionti for the discovery and responsible disclosure of this vulnerability."
}
],
"descriptions": [
{
"lang": "en",
"value": "Use of static encryption key material allows forging an authentication token to other users within a tenant organization. MFA may be bypassed by redirecting an authentication flow to a target user. To exploit the vulnerability, must have compromised user credentials."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-310",
"description": "CWE-310 Cryptographic Issues",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-288",
"description": "CWE-288 Authentication Bypass Using an Alternate Path or Channel",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-04T16:30:11",
"orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"shortName": "Ping Identity"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.pingidentity.com/en/resources/downloads/pingid.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://docs.pingidentity.com/bundle/pingid/page/xqz1597139945488.html"
}
],
"source": {
"defect": [
"PID-9404",
"PID-9447"
],
"discovery": "EXTERNAL"
},
"title": " PingID Integration for Windows Login MFA Bypass",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "responsible-disclosure@pingidentity.com",
"ID": "CVE-2022-23724",
"STATE": "PUBLIC",
"TITLE": " PingID Integration for Windows Login MFA Bypass"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "PingID Integration for Windows Login",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2.4.1"
}
]
}
}
]
},
"vendor_name": "Ping Identity"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Ping Identity credits Julian Scionti for the discovery and responsible disclosure of this vulnerability."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use of static encryption key material allows forging an authentication token to other users within a tenant organization. MFA may be bypassed by redirecting an authentication flow to a target user. To exploit the vulnerability, must have compromised user credentials."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-310 Cryptographic Issues"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-288 Authentication Bypass Using an Alternate Path or Channel"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.pingidentity.com/en/resources/downloads/pingid.html",
"refsource": "MISC",
"url": "https://www.pingidentity.com/en/resources/downloads/pingid.html"
},
{
"name": "https://docs.pingidentity.com/bundle/pingid/page/xqz1597139945488.html",
"refsource": "CONFIRM",
"url": "https://docs.pingidentity.com/bundle/pingid/page/xqz1597139945488.html"
}
]
},
"source": {
"defect": [
"PID-9404",
"PID-9447"
],
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"assignerShortName": "Ping Identity",
"cveId": "CVE-2022-23724",
"datePublished": "2022-05-04T16:30:11",
"dateReserved": "2022-01-19T00:00:00",
"dateUpdated": "2024-08-03T03:51:46.013Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-23723 (GCVE-0-2022-23723)
Vulnerability from cvelistv5 – Published: 2022-05-02 22:05 – Updated: 2024-08-03 03:51
VLAI?
Summary
An MFA bypass vulnerability exists in the PingFederate PingOne MFA Integration Kit when adapter HTML templates are used as part of an authentication flow.
Severity ?
7.7 (High)
CWE
- CWE-288 - Authentication Bypass Using an Alternate Path or Channel
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Ping Identity | PingFederate PingOne MFA Integration Kit |
Affected:
1.4
Affected: 1.4.1 Affected: 1.5 Affected: 1.5.1 Affected: 1.5.2 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:51:45.964Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://docs.pingidentity.com/bundle/pingfederate-pingone-mfa-ik/page/wpt1599064234202.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "PingFederate PingOne MFA Integration Kit",
"vendor": "Ping Identity",
"versions": [
{
"status": "affected",
"version": "1.4"
},
{
"status": "affected",
"version": "1.4.1"
},
{
"status": "affected",
"version": "1.5"
},
{
"status": "affected",
"version": "1.5.1"
},
{
"status": "affected",
"version": "1.5.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An MFA bypass vulnerability exists in the PingFederate PingOne MFA Integration Kit when adapter HTML templates are used as part of an authentication flow."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-288",
"description": "CWE-288 Authentication Bypass Using an Alternate Path or Channel",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-02T22:05:14",
"orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"shortName": "Ping Identity"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://docs.pingidentity.com/bundle/pingfederate-pingone-mfa-ik/page/wpt1599064234202.html"
}
],
"source": {
"advisory": "SECADV029",
"defect": [
"IK-2982"
],
"discovery": "INTERNAL"
},
"title": "PingFederate PingOneMFA Integration Kit MFA Bypass",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "responsible-disclosure@pingidentity.com",
"ID": "CVE-2022-23723",
"STATE": "PUBLIC",
"TITLE": "PingFederate PingOneMFA Integration Kit MFA Bypass"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "PingFederate PingOne MFA Integration Kit",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "1.4",
"version_value": "1.4"
},
{
"version_affected": "=",
"version_name": "1.4.1",
"version_value": "1.4.1"
},
{
"version_affected": "=",
"version_name": "1.5",
"version_value": "1.5"
},
{
"version_affected": "=",
"version_name": "1.5.1",
"version_value": "1.5.1"
},
{
"version_affected": "=",
"version_name": "1.5.2",
"version_value": "1.5.2"
}
]
}
}
]
},
"vendor_name": "Ping Identity"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An MFA bypass vulnerability exists in the PingFederate PingOne MFA Integration Kit when adapter HTML templates are used as part of an authentication flow."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-288 Authentication Bypass Using an Alternate Path or Channel"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html",
"refsource": "MISC",
"url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html"
},
{
"name": "https://docs.pingidentity.com/bundle/pingfederate-pingone-mfa-ik/page/wpt1599064234202.html",
"refsource": "MISC",
"url": "https://docs.pingidentity.com/bundle/pingfederate-pingone-mfa-ik/page/wpt1599064234202.html"
}
]
},
"source": {
"advisory": "SECADV029",
"defect": [
"IK-2982"
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"assignerShortName": "Ping Identity",
"cveId": "CVE-2022-23723",
"datePublished": "2022-05-02T22:05:15",
"dateReserved": "2022-01-19T00:00:00",
"dateUpdated": "2024-08-03T03:51:45.964Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-23722 (GCVE-0-2022-23722)
Vulnerability from cvelistv5 – Published: 2022-05-02 22:05 – Updated: 2024-08-03 03:51
VLAI?
Summary
When a password reset mechanism is configured to use the Authentication API with an Authentication Policy, email One-Time Password, PingID or SMS authentication, an existing user can reset another existing user’s password.
Severity ?
No CVSS data available.
CWE
- CWE-288 - Authentication Bypass Using an Alternate Path or Channel
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Ping Identity | PingFederate |
Affected:
11.0 , ≤ 11.0
(custom)
Affected: 10.3 , ≤ 10.3.4 (custom) Affected: 10.2 , ≤ 10.2.7 (custom) Affected: 10.1 , ≤ 10.1.9 (custom) Affected: 10.0 , ≤ 10.0.12 (custom) Affected: 9.3 , ≤ 9.3.3P16 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:51:46.174Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://docs.pingidentity.com/bundle/pingfederate-110/page/spk1642790928508.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "PingFederate",
"vendor": "Ping Identity",
"versions": [
{
"lessThanOrEqual": "11.0",
"status": "affected",
"version": "11.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "10.3.4",
"status": "affected",
"version": "10.3",
"versionType": "custom"
},
{
"lessThanOrEqual": "10.2.7",
"status": "affected",
"version": "10.2",
"versionType": "custom"
},
{
"lessThanOrEqual": "10.1.9",
"status": "affected",
"version": "10.1",
"versionType": "custom"
},
{
"lessThanOrEqual": "10.0.12",
"status": "affected",
"version": "10.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "9.3.3P16",
"status": "affected",
"version": "9.3",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "When a password reset mechanism is configured to use the Authentication API with an Authentication Policy, email One-Time Password, PingID or SMS authentication, an existing user can reset another existing user\u2019s password."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-288",
"description": "CWE-288 Authentication Bypass Using an Alternate Path or Channel",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-02T22:05:13",
"orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"shortName": "Ping Identity"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://docs.pingidentity.com/bundle/pingfederate-110/page/spk1642790928508.html"
}
],
"source": {
"advisory": "SECBL021",
"defect": [
"PF-30450"
],
"discovery": "INTERNAL"
},
"title": "PingFederate Password Reset via Authentication API Mishandling",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "responsible-disclosure@pingidentity.com",
"ID": "CVE-2022-23722",
"STATE": "PUBLIC",
"TITLE": "PingFederate Password Reset via Authentication API Mishandling"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "PingFederate",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "11.0",
"version_value": "11.0"
},
{
"version_affected": "\u003c=",
"version_name": "10.3",
"version_value": "10.3.4"
},
{
"version_affected": "\u003c=",
"version_name": "10.2",
"version_value": "10.2.7"
},
{
"version_affected": "\u003c=",
"version_name": "10.1",
"version_value": "10.1.9"
},
{
"version_affected": "\u003c=",
"version_name": "10.0",
"version_value": "10.0.12"
},
{
"version_affected": "\u003c=",
"version_name": "9.3",
"version_value": "9.3.3P16"
}
]
}
}
]
},
"vendor_name": "Ping Identity"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "When a password reset mechanism is configured to use the Authentication API with an Authentication Policy, email One-Time Password, PingID or SMS authentication, an existing user can reset another existing user\u2019s password."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-288 Authentication Bypass Using an Alternate Path or Channel"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html",
"refsource": "MISC",
"url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html"
},
{
"name": "https://docs.pingidentity.com/bundle/pingfederate-110/page/spk1642790928508.html",
"refsource": "MISC",
"url": "https://docs.pingidentity.com/bundle/pingfederate-110/page/spk1642790928508.html"
}
]
},
"source": {
"advisory": "SECBL021",
"defect": [
"PF-30450"
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"assignerShortName": "Ping Identity",
"cveId": "CVE-2022-23722",
"datePublished": "2022-05-02T22:05:13",
"dateReserved": "2022-01-19T00:00:00",
"dateUpdated": "2024-08-03T03:51:46.174Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-42001 (GCVE-0-2021-42001)
Vulnerability from cvelistv5 – Published: 2022-04-30 21:15 – Updated: 2024-08-04 03:22
VLAI?
Summary
PingID Desktop prior to 1.7.3 has a misconfiguration in the encryption libraries which can lead to sensitive data exposure. An attacker capable of exploiting this vulnerability may be able to successfully complete an MFA challenge via OTP.
Severity ?
CWE
- CWE-310 - Cryptographic Issues
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Ping Identity | PingID Desktop |
Affected:
unspecified , < 1.7.3
(custom)
|
|||||||
|
|||||||||
Credits
Ping Identity credits The Commonwealth Bank of Australia for the discovery of this vulnerability.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T03:22:25.903Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.pingidentity.com/en/resources/downloads/pingid.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://docs.pingidentity.com/bundle/pingid/page/dyt1645545885978.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"Windows"
],
"product": "PingID Desktop",
"vendor": "Ping Identity",
"versions": [
{
"lessThan": "1.7.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"platforms": [
"macOS X"
],
"product": "PingID Desktop",
"vendor": "Ping Identity",
"versions": [
{
"lessThan": "1.7.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Ping Identity credits The Commonwealth Bank of Australia for the discovery of this vulnerability."
}
],
"descriptions": [
{
"lang": "en",
"value": "PingID Desktop prior to 1.7.3 has a misconfiguration in the encryption libraries which can lead to sensitive data exposure. An attacker capable of exploiting this vulnerability may be able to successfully complete an MFA challenge via OTP."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-310",
"description": "CWE-310 Cryptographic Issues",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-30T21:15:23",
"orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"shortName": "Ping Identity"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.pingidentity.com/en/resources/downloads/pingid.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://docs.pingidentity.com/bundle/pingid/page/dyt1645545885978.html"
}
],
"source": {
"advisory": "SECADV030",
"discovery": "EXTERNAL"
},
"title": "PingID Desktop encryption libraries misconfiguration can lead to sensitive data exposure",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "responsible-disclosure@pingidentity.com",
"ID": "CVE-2021-42001",
"STATE": "PUBLIC",
"TITLE": "PingID Desktop encryption libraries misconfiguration can lead to sensitive data exposure"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "PingID Desktop",
"version": {
"version_data": [
{
"platform": "Windows",
"version_affected": "\u003c",
"version_value": "1.7.3"
}
]
}
},
{
"product_name": "PingID Desktop",
"version": {
"version_data": [
{
"platform": "macOS X",
"version_affected": "\u003c",
"version_value": "1.7.3"
}
]
}
}
]
},
"vendor_name": "Ping Identity"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Ping Identity credits The Commonwealth Bank of Australia for the discovery of this vulnerability."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PingID Desktop prior to 1.7.3 has a misconfiguration in the encryption libraries which can lead to sensitive data exposure. An attacker capable of exploiting this vulnerability may be able to successfully complete an MFA challenge via OTP."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-310 Cryptographic Issues"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.pingidentity.com/en/resources/downloads/pingid.html",
"refsource": "MISC",
"url": "https://www.pingidentity.com/en/resources/downloads/pingid.html"
},
{
"name": "https://docs.pingidentity.com/bundle/pingid/page/dyt1645545885978.html",
"refsource": "MISC",
"url": "https://docs.pingidentity.com/bundle/pingid/page/dyt1645545885978.html"
}
]
},
"source": {
"advisory": "SECADV030",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"assignerShortName": "Ping Identity",
"cveId": "CVE-2021-42001",
"datePublished": "2022-04-30T21:15:24",
"dateReserved": "2021-10-04T00:00:00",
"dateUpdated": "2024-08-04T03:22:25.903Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-41994 (GCVE-0-2021-41994)
Vulnerability from cvelistv5 – Published: 2022-04-30 21:15 – Updated: 2024-08-04 03:22
VLAI?
Summary
A misconfiguration of RSA in PingID iOS app prior to 1.19 is vulnerable to pre-computed dictionary attacks, leading to an offline MFA bypass when using PingID Windows Login.
Severity ?
6.6 (Medium)
CWE
- CWE-310 - Cryptographic Issues
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Ping Identity | PingID Mobile Application |
Affected:
unspecified , < 1.19
(custom)
|
Credits
Ping Identity credits The Commonwealth Bank of Australia for the discovery of this vulnerability.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T03:22:25.662Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.pingidentity.com/en/resources/downloads/pingid.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://docs.pingidentity.com/bundle/pingid/page/ejd1642076304199.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"iOS"
],
"product": "PingID Mobile Application",
"vendor": "Ping Identity",
"versions": [
{
"lessThan": "1.19",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Ping Identity credits The Commonwealth Bank of Australia for the discovery of this vulnerability."
}
],
"descriptions": [
{
"lang": "en",
"value": "A misconfiguration of RSA in PingID iOS app prior to 1.19 is vulnerable to pre-computed dictionary attacks, leading to an offline MFA bypass when using PingID Windows Login."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-310",
"description": "CWE-310 Cryptographic Issues",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-30T21:15:22",
"orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"shortName": "Ping Identity"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.pingidentity.com/en/resources/downloads/pingid.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://docs.pingidentity.com/bundle/pingid/page/ejd1642076304199.html"
}
],
"source": {
"advisory": "SECADV030",
"discovery": "EXTERNAL"
},
"title": "PingID iOS mobile application prior to 1.19 vulnerable to pre-computed dictionary attacks",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "responsible-disclosure@pingidentity.com",
"ID": "CVE-2021-41994",
"STATE": "PUBLIC",
"TITLE": "PingID iOS mobile application prior to 1.19 vulnerable to pre-computed dictionary attacks"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "PingID Mobile Application",
"version": {
"version_data": [
{
"platform": "iOS",
"version_affected": "\u003c",
"version_value": "1.19"
}
]
}
}
]
},
"vendor_name": "Ping Identity"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Ping Identity credits The Commonwealth Bank of Australia for the discovery of this vulnerability."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A misconfiguration of RSA in PingID iOS app prior to 1.19 is vulnerable to pre-computed dictionary attacks, leading to an offline MFA bypass when using PingID Windows Login."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-310 Cryptographic Issues"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.pingidentity.com/en/resources/downloads/pingid.html",
"refsource": "MISC",
"url": "https://www.pingidentity.com/en/resources/downloads/pingid.html"
},
{
"name": "https://docs.pingidentity.com/bundle/pingid/page/ejd1642076304199.html",
"refsource": "MISC",
"url": "https://docs.pingidentity.com/bundle/pingid/page/ejd1642076304199.html"
}
]
},
"source": {
"advisory": "SECADV030",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"assignerShortName": "Ping Identity",
"cveId": "CVE-2021-41994",
"datePublished": "2022-04-30T21:15:22",
"dateReserved": "2021-10-04T00:00:00",
"dateUpdated": "2024-08-04T03:22:25.662Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-41993 (GCVE-0-2021-41993)
Vulnerability from cvelistv5 – Published: 2022-04-30 21:15 – Updated: 2024-08-04 03:22
VLAI?
Summary
A misconfiguration of RSA in PingID Android app prior to 1.19 is vulnerable to pre-computed dictionary attacks, leading to an offline MFA bypass when using PingID Windows Login.
Severity ?
6.6 (Medium)
CWE
- CWE-310 - Cryptographic Issues
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Ping Identity | PingID Mobile Application |
Affected:
unspecified , < 1.19
(custom)
|
Credits
Ping Identity credits The Commonwealth Bank of Australia for the discovery of this vulnerability.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T03:22:25.789Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.pingidentity.com/en/resources/downloads/pingid.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://docs.pingidentity.com/bundle/pingid/page/zvy1641459415679.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"Android"
],
"product": "PingID Mobile Application",
"vendor": "Ping Identity",
"versions": [
{
"lessThan": "1.19",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Ping Identity credits The Commonwealth Bank of Australia for the discovery of this vulnerability."
}
],
"descriptions": [
{
"lang": "en",
"value": "A misconfiguration of RSA in PingID Android app prior to 1.19 is vulnerable to pre-computed dictionary attacks, leading to an offline MFA bypass when using PingID Windows Login."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-310",
"description": "CWE-310 Cryptographic Issues",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-30T21:15:20",
"orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"shortName": "Ping Identity"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.pingidentity.com/en/resources/downloads/pingid.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://docs.pingidentity.com/bundle/pingid/page/zvy1641459415679.html"
}
],
"source": {
"advisory": "SECADV030",
"discovery": "EXTERNAL"
},
"title": "PingID Android mobile application prior to 1.19 vulnerable to pre-computed dictionary attacks",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "responsible-disclosure@pingidentity.com",
"ID": "CVE-2021-41993",
"STATE": "PUBLIC",
"TITLE": "PingID Android mobile application prior to 1.19 vulnerable to pre-computed dictionary attacks"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "PingID Mobile Application",
"version": {
"version_data": [
{
"platform": "Android",
"version_affected": "\u003c",
"version_value": "1.19"
}
]
}
}
]
},
"vendor_name": "Ping Identity"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Ping Identity credits The Commonwealth Bank of Australia for the discovery of this vulnerability."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A misconfiguration of RSA in PingID Android app prior to 1.19 is vulnerable to pre-computed dictionary attacks, leading to an offline MFA bypass when using PingID Windows Login."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-310 Cryptographic Issues"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.pingidentity.com/en/resources/downloads/pingid.html",
"refsource": "MISC",
"url": "https://www.pingidentity.com/en/resources/downloads/pingid.html"
},
{
"name": "https://docs.pingidentity.com/bundle/pingid/page/zvy1641459415679.html",
"refsource": "MISC",
"url": "https://docs.pingidentity.com/bundle/pingid/page/zvy1641459415679.html"
}
]
},
"source": {
"advisory": "SECADV030",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"assignerShortName": "Ping Identity",
"cveId": "CVE-2021-41993",
"datePublished": "2022-04-30T21:15:21",
"dateReserved": "2021-10-04T00:00:00",
"dateUpdated": "2024-08-04T03:22:25.789Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-41992 (GCVE-0-2021-41992)
Vulnerability from cvelistv5 – Published: 2022-04-30 21:15 – Updated: 2024-08-04 03:22
VLAI?
Summary
A misconfiguration of RSA in PingID Windows Login prior to 2.7 is vulnerable to pre-computed dictionary attacks, leading to an offline MFA bypass.
Severity ?
7.7 (High)
CWE
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Ping Identity | PingID Windows Login |
Affected:
unspecified , < 2.7
(custom)
|
Credits
Ping Identity credits The Commonwealth Bank of Australia for the discovery of this vulnerability.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T03:22:25.674Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.pingidentity.com/en/resources/downloads/pingid.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://docs.pingidentity.com/bundle/pingid/page/klc1641469599716.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"Windows"
],
"product": "PingID Windows Login",
"vendor": "Ping Identity",
"versions": [
{
"lessThan": "2.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Ping Identity credits The Commonwealth Bank of Australia for the discovery of this vulnerability."
}
],
"descriptions": [
{
"lang": "en",
"value": "A misconfiguration of RSA in PingID Windows Login prior to 2.7 is vulnerable to pre-computed dictionary attacks, leading to an offline MFA bypass."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-310",
"description": "CWE-310 Cryptographic Issues",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-288",
"description": "CWE-288 Authentication Bypass Using an Alternate Path or Channel",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-30T21:15:19",
"orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"shortName": "Ping Identity"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.pingidentity.com/en/resources/downloads/pingid.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://docs.pingidentity.com/bundle/pingid/page/klc1641469599716.html"
}
],
"source": {
"advisory": "SECADV030",
"discovery": "EXTERNAL"
},
"title": "PingID Windows Login RSA cryptographic weakness with possible offline MFA bypass",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "responsible-disclosure@pingidentity.com",
"ID": "CVE-2021-41992",
"STATE": "PUBLIC",
"TITLE": "PingID Windows Login RSA cryptographic weakness with possible offline MFA bypass"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "PingID Windows Login",
"version": {
"version_data": [
{
"platform": "Windows",
"version_affected": "\u003c",
"version_value": "2.7"
}
]
}
}
]
},
"vendor_name": "Ping Identity"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Ping Identity credits The Commonwealth Bank of Australia for the discovery of this vulnerability."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A misconfiguration of RSA in PingID Windows Login prior to 2.7 is vulnerable to pre-computed dictionary attacks, leading to an offline MFA bypass."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-310 Cryptographic Issues"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-288 Authentication Bypass Using an Alternate Path or Channel"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.pingidentity.com/en/resources/downloads/pingid.html",
"refsource": "MISC",
"url": "https://www.pingidentity.com/en/resources/downloads/pingid.html"
},
{
"name": "https://docs.pingidentity.com/bundle/pingid/page/klc1641469599716.html",
"refsource": "MISC",
"url": "https://docs.pingidentity.com/bundle/pingid/page/klc1641469599716.html"
}
]
},
"source": {
"advisory": "SECADV030",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"assignerShortName": "Ping Identity",
"cveId": "CVE-2021-41992",
"datePublished": "2022-04-30T21:15:19",
"dateReserved": "2021-10-04T00:00:00",
"dateUpdated": "2024-08-04T03:22:25.674Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-42000 (GCVE-0-2021-42000)
Vulnerability from cvelistv5 – Published: 2022-02-10 22:30 – Updated: 2024-08-04 03:22
VLAI?
Summary
When a password reset or password change flow with an authentication policy is configured and the adapter in the reset or change policy supports multiple parallel reset flows, an existing user can reset another existing users password.
Severity ?
5.3 (Medium)
CWE
- CWE-285 - Improper Authorization
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Ping Identity | PingFederate |
Affected:
9.3.3-P15 , < 9.3.0*
(custom)
Affected: 10.0.11 , < 10.0.0* (custom) Affected: 10.1.8 , < 10.1.0* (custom) Affected: 10.2.6 , < 10.2.0* (custom) Affected: 10.3.2 , < 10.3.0* (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T03:22:25.779Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://docs.pingidentity.com/bundle/pingfederate-103/page/hhm1634833631515.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "PingFederate",
"vendor": "Ping Identity",
"versions": [
{
"lessThan": "9.3.0*",
"status": "affected",
"version": "9.3.3-P15",
"versionType": "custom"
},
{
"lessThan": "10.0.0*",
"status": "affected",
"version": "10.0.11",
"versionType": "custom"
},
{
"lessThan": "10.1.0*",
"status": "affected",
"version": "10.1.8",
"versionType": "custom"
},
{
"lessThan": "10.2.0*",
"status": "affected",
"version": "10.2.6",
"versionType": "custom"
},
{
"lessThan": "10.3.0*",
"status": "affected",
"version": "10.3.2",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "When a password reset or password change flow with an authentication policy is configured and the adapter in the reset or change policy supports multiple parallel reset flows, an existing user can reset another existing users password."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-285",
"description": "CWE-285 Improper Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-10T22:30:11",
"orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"shortName": "Ping Identity"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://docs.pingidentity.com/bundle/pingfederate-103/page/hhm1634833631515.html"
}
],
"solutions": [
{
"lang": "en",
"value": "PingFederate product patched versions 9.3.3-P16, 10.0.12, 10.1.9, 10.2.7, 10.3.3"
}
],
"source": {
"advisory": "SECBL020",
"defect": [
"PF-29924"
],
"discovery": "INTERNAL"
},
"title": "Ping Identity PingFederate Password Reset and Password Change Mishandling with an authentication policy in parallel reset flows",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "responsible-disclosure@pingidentity.com",
"ID": "CVE-2021-42000",
"STATE": "PUBLIC",
"TITLE": "Ping Identity PingFederate Password Reset and Password Change Mishandling with an authentication policy in parallel reset flows"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "PingFederate",
"version": {
"version_data": [
{
"version_affected": "\u003e=",
"version_name": "9.3.0",
"version_value": "9.3.3-P15"
},
{
"version_affected": "\u003e=",
"version_name": "10.0.0",
"version_value": "10.0.11"
},
{
"version_affected": "\u003e=",
"version_name": "10.1.0",
"version_value": "10.1.8"
},
{
"version_affected": "\u003e=",
"version_name": "10.2.0",
"version_value": "10.2.6"
},
{
"version_affected": "\u003e=",
"version_name": "10.3.0",
"version_value": "10.3.2"
}
]
}
}
]
},
"vendor_name": "Ping Identity"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "When a password reset or password change flow with an authentication policy is configured and the adapter in the reset or change policy supports multiple parallel reset flows, an existing user can reset another existing users password."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-285 Improper Authorization"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html",
"refsource": "MISC",
"url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html"
},
{
"name": "https://docs.pingidentity.com/bundle/pingfederate-103/page/hhm1634833631515.html",
"refsource": "MISC",
"url": "https://docs.pingidentity.com/bundle/pingfederate-103/page/hhm1634833631515.html"
}
]
},
"solution": [
{
"lang": "en",
"value": "PingFederate product patched versions 9.3.3-P16, 10.0.12, 10.1.9, 10.2.7, 10.3.3"
}
],
"source": {
"advisory": "SECBL020",
"defect": [
"PF-29924"
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"assignerShortName": "Ping Identity",
"cveId": "CVE-2021-42000",
"datePublished": "2022-02-10T22:30:11",
"dateReserved": "2021-10-04T00:00:00",
"dateUpdated": "2024-08-04T03:22:25.779Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}