← Volver a CVEs
CVE-2022-40723
MEDIUM6.5
Descripcion
The PingID RADIUS PCV adapter for PingFederate, which supports RADIUS authentication with PingID MFA, is vulnerable to MFA bypass under certain configurations.
Detalles CVE
Puntuacion CVSS v3.16.5
SeveridadMEDIUM
Vector CVSSCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Vector de ataqueNETWORK
ComplejidadLOW
Privilegios requeridosLOW
Interaccion usuarioNONE
Publicado4/25/2023
Ultima modificacion11/21/2024
Fuentenvd
Avistamientos honeypot0
Productos afectados
pingidentity:pingfederatepingidentity:pingid_integration_kitpingidentity:radius_pcv
Debilidades (CWE)
CWE-305CWE-287
Referencias
https://docs.pingidentity.com/r/en-us/pingid/pingid_integration_kit_2_19_rn(responsible-disclosure@pingidentity.com)
https://docs.pingidentity.com/r/en-us/pingid/pingid_integration_kit_2_19_rn(af854a3a-2127-422b-91ae-364da2661108)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.