FKIE_CVE-2022-23720

Vulnerability from fkie_nvd - Published: 2022-06-30 20:15 - Updated: 2024-11-21 06:49
Severity ?
7.5 (High) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
8.2 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Summary
PingID Windows Login prior to 2.8 does not alert or halt operation if it has been provisioned with the full permissions PingID properties file. An IT administrator could mistakenly deploy administrator privileged PingID API credentials, such as those typically used by PingFederate, into PingID Windows Login user endpoints. Using sensitive full permissions properties file outside of a privileged trust boundary leads to an increased risk of exposure or discovery, and an attacker could leverage these credentials to perform administrative actions against PingID APIs or endpoints.
References
responsible-disclosure@pingidentity.comhttps://docs.pingidentity.com/bundle/pingid/page/zhy1653552428545.htmlRelease Notes, Vendor Advisory
responsible-disclosure@pingidentity.comhttps://www.pingidentity.com/en/resources/downloads/pingid.htmlProduct, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://docs.pingidentity.com/bundle/pingid/page/zhy1653552428545.htmlRelease Notes, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.pingidentity.com/en/resources/downloads/pingid.htmlProduct, Vendor Advisory
Impacted products
Vendor Product Version
pingidentity pingid_integration_for_windows_login *
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:pingidentity:pingid_integration_for_windows_login:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D631B535-D41D-4179-8E1B-CCAC61DC5236",
              "versionEndExcluding": "2.8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "PingID Windows Login prior to 2.8 does not alert or halt operation if it has been provisioned with the full permissions PingID properties file. An IT administrator could mistakenly deploy administrator privileged PingID API credentials, such as those typically used by PingFederate, into PingID Windows Login user endpoints. Using sensitive full permissions properties file outside of a privileged trust boundary leads to an increased risk of exposure or discovery, and an attacker could leverage these credentials to perform administrative actions against PingID APIs or endpoints."
    },
    {
      "lang": "es",
      "value": "PingID Windows Login versiones anteriores a 2.8, no alerta o detiene la operaci\u00f3n si ha sido provisto con el archivo de propiedades de PingID con todos los permisos. Un administrador de TI podr\u00eda desplegar por error credenciales de API PingID con privilegios de administrador, como los usados t\u00edpicamente por PingFederate, en los endpoints de usuario de PingID Windows Login. El uso de un archivo de propiedades de permisos completos confidenciales fuera de un l\u00edmite confiable privilegiado conlleva a un mayor riesgo de exposici\u00f3n o detecci\u00f3n, y un atacante podr\u00eda aprovechar estas credenciales para llevar a cabo acciones administrativas contra las APIs de PingID o los endpoints"
    }
  ],
  "id": "CVE-2022-23720",
  "lastModified": "2024-11-21T06:49:10.640",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.4,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.4,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 6.0,
        "source": "responsible-disclosure@pingidentity.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 8.2,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.5,
        "impactScore": 6.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-06-30T20:15:08.377",
  "references": [
    {
      "source": "responsible-disclosure@pingidentity.com",
      "tags": [
        "Release Notes",
        "Vendor Advisory"
      ],
      "url": "https://docs.pingidentity.com/bundle/pingid/page/zhy1653552428545.html"
    },
    {
      "source": "responsible-disclosure@pingidentity.com",
      "tags": [
        "Product",
        "Vendor Advisory"
      ],
      "url": "https://www.pingidentity.com/en/resources/downloads/pingid.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Release Notes",
        "Vendor Advisory"
      ],
      "url": "https://docs.pingidentity.com/bundle/pingid/page/zhy1653552428545.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Product",
        "Vendor Advisory"
      ],
      "url": "https://www.pingidentity.com/en/resources/downloads/pingid.html"
    }
  ],
  "sourceIdentifier": "responsible-disclosure@pingidentity.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-288"
        },
        {
          "lang": "en",
          "value": "CWE-648"
        }
      ],
      "source": "responsible-disclosure@pingidentity.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-269"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.