Ping Identity Schwachstellen

Zeitverlauf

Typ

Not Defined	29
iOS App Software	1
Android App Software	1
SSH Server Software	1

Produkt

Ping Identity PingID	11
Ping Identity PingFederate	10
Ping Identity PingDirectory	1
Ping Identity PingOne MFA Integration Kit	1
Ping Identity Self-Service Account Manager	1

Massnahmen

Official Fix	20
Temporary Fix	0
Workaround	0
Unavailable	0
Not Defined	12

Ausnutzbarkeit

High	0
Functional	0
Proof-of-Concept	1
Unproven	0
Not Defined	31

Zugriffsart

Not Defined	0
Physical	2
Local	1
Adjacent	11
Network	18

Authentisierung

Not Defined	0
High	9
Low	10
None	13

Benutzeraktivität

Not Defined	0
Required	7
None	25

C3BM Index

CVSSv3 Base

≤1	0
≤2	0
≤3	0
≤4	1
≤5	7
≤6	10
≤7	8
≤8	3
≤9	3
≤10	0

CVSSv3 Temp

≤1	0
≤2	0
≤3	0
≤4	1
≤5	8
≤6	10
≤7	7
≤8	3
≤9	3
≤10	0

VulDB

≤1	0
≤2	3
≤3	3
≤4	4
≤5	9
≤6	4
≤7	6
≤8	3
≤9	0
≤10	0

NVD

≤1	0
≤2	0
≤3	0
≤4	0
≤5	2
≤6	3
≤7	4
≤8	3
≤9	4
≤10	4

CNA

≤1	0
≤2	0
≤3	1
≤4	1
≤5	1
≤6	2
≤7	5
≤8	12
≤9	2
≤10	0

Hersteller

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Research

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Exploit 0-day

<1k	11
<2k	17
<5k	4
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

Exploit heute

<1k	29
<2k	3
<5k	0
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

Exploitmarktvolumen

🔴 CTI Aktivitäten

Affected Products (13): Agentless Integration Kit (1), OpenID Connect Authentication Module (1), PingAccess (1), PingCentral (1), PingDirectory (1), PingFederate (10), PingFederate PingOne MFA Integration Kit (1), PingID (11), PingID Desktop (1), PingID SSH (1), PingOne MFA Integration Kit (1), RSA SecurID Integration Kit (1), Self-Service Account Manager (1)

Veröffentlicht	Base	Temp	Schwachstelle	Prod	Aus	Mas	EPSS	CTI	CVE
10.04.2024	6.9	6.8	Ping Identity PingFederate HTTP POST Request erweiterte Rechte	Unbekannt	Not Defined	Official Fix	0.00043	0.03	CVE-2023-40148
06.02.2024	8.6	8.6	Ping Identity PingFederate Requests schwache Authentisierung	Unbekannt	Not Defined	Not Defined	0.00067	0.03	CVE-2023-40545
02.02.2024	7.6	7.5	Ping Identity PingDirectory erweiterte Rechte	Unbekannt	Not Defined	Official Fix	0.00055	0.04	CVE-2023-36496
25.10.2023	6.0	6.0	Ping Identity PingOne MFA Integration Kit schwache Authentisierung	Unbekannt	Not Defined	Not Defined	0.00046	0.02	CVE-2023-39231
25.10.2023	7.9	7.9	Ping Identity PingFederate Radius PCV schwache Authentisierung	Unbekannt	Not Defined	Not Defined	0.00091	0.08	CVE-2023-39930
25.10.2023	8.1	8.1	Ping Identity PingFederate Identifier First Adapter schwache Authentisierung	Unbekannt	Not Defined	Not Defined	0.00091	0.02	CVE-2023-37283
25.10.2023	6.2	6.2	Ping Identity PingFederate Java Denial of Service	Unbekannt	Not Defined	Not Defined	0.00046	0.04	CVE-2023-39219
25.10.2023	3.2	3.2	Ping Identity PingFederate AWS DynamoDB Table Information Disclosure	Unbekannt	Not Defined	Not Defined	0.00045	0.00	CVE-2023-34085
25.04.2023	6.5	6.5	Ping Identity PingFederate GET Request idprofile.ping Cross Site Request Forgery	Unbekannt	Not Defined	Not Defined	0.00058	0.02	CVE-2022-40724
09.04.2023	4.4	4.3	Ping Identity Self-Service Account Manager SSAMController.java Cross Site Scripting	Unbekannt	Not Defined	Official Fix	0.00090	0.05	CVE-2018-25084

22 weitere Einträge werden nicht mehr angezeigt

🔒 Login Required

You need to signup and login to see more of the remaining 22 results.

◂ ZurückÜbersichtWeiter ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!