Known Vulnerabilities for products from Pingidentity
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Pingidentity".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-39930 json | A first-factor authentication bypass vulnerability exists in the PingFederate with PingID Radius PCV when a MSCHAP authentica... | 9.8 - CRITICAL | 2023-10-25 | 2023-10-31 |
| CVE-2023-39231 json | PingFederate using the PingOne MFA adapter allows a new MFA device to be paired without requiring second factor authenticatio... | 6.5 - MEDIUM | 2023-10-25 | 2023-10-31 |
| CVE-2023-39219 json | PingFederate Administrative Console dependency contains a weakness where console becomes unresponsive with crafted Java class... | 7.5 - HIGH | 2023-10-25 | 2024-02-01 |
| CVE-2023-37283 json | Under a very specific and highly unrecommended configuration, authentication bypass is possible in the PingFederate Identifie... | 9.8 - CRITICAL | 2023-10-25 | 2024-02-01 |
| CVE-2023-34085 json | When an AWS DynamoDB table is used for user attribute storage, it is possible to retrieve the attributes of another user usin... | 4.3 - MEDIUM | 2023-10-25 | 2023-10-31 |
| CVE-2022-40725 json | PingID Desktop prior to the latest released version 1.7.4 contains a vulnerability that can be exploited to bypass the maximu... | 6.1 - MEDIUM | 2023-04-25 | 2023-05-04 |
| CVE-2022-40724 json | The PingFederate Local Identity Profiles '/pf/idprofile.ping' endpoint is vulnerable to Cross-Site Request Forgery (CSRF) thr... | 8.8 - HIGH | 2023-04-25 | 2023-05-04 |
| CVE-2022-40723 json | The PingID RADIUS PCV adapter for PingFederate, which supports RADIUS authentication with PingID MFA, is vulnerable to MFA by... | 6.5 - MEDIUM | 2023-04-25 | 2023-05-04 |
| CVE-2022-40722 json | A misconfiguration of RSA padding implemented in the PingID Adapter for PingFederate to support Offline MFA with PingID mobil... | 5.8 - MEDIUM | 2023-04-25 | 2023-05-04 |
| CVE-2022-23726 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 4.9 - MEDIUM | 2022-09-30 | 2022-10-04 |
| CVE-2022-23725 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 5.5 - MEDIUM | 2022-06-30 | 2023-07-13 |
| CVE-2022-23724 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 8.1 - HIGH | 2022-05-04 | 2023-06-27 |
| CVE-2022-23723 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.7 - HIGH | 2022-05-02 | 2022-09-03 |
| CVE-2022-23722 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 6.5 - MEDIUM | 2022-05-02 | 2023-11-07 |
| CVE-2022-23721 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 3.3 - LOW | 2023-04-25 | 2023-05-04 |
| CVE-2022-23720 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 8.2 - HIGH | 2022-06-30 | 2022-07-13 |
| CVE-2022-23719 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 6.4 - MEDIUM | 2022-06-30 | 2023-07-03 |
| CVE-2022-23718 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 8.1 - HIGH | 2022-06-30 | 2022-07-11 |
| CVE-2022-23717 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 5.5 - MEDIUM | 2022-06-30 | 2022-07-11 |
| CVE-2021-42001 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 9.9 - CRITICAL | 2022-04-30 | 2023-07-17 |
Known software with vulnerabilities from Pingidentity
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Pingidentity | Agentless Integration Kit | 1.0 |
| Application | Pingidentity | Ldapsdk | 1.1.0 |
| Application | Pingidentity | Pingfederate | 6.10.1 |
| Application | Pingidentity | Pingid Ssh Integration | 4.0.14 |