PingID Windows Login prior to 2.8 is vulnerable to a denial of service condition on local machines when combined with using offline security keys as part of authentication.
References
Link | Resource |
---|---|
https://docs.pingidentity.com/bundle/pingid/page/zhy1653552428545.html | Release Notes Vendor Advisory |
https://www.pingidentity.com/en/resources/downloads/pingid.html | Product Vendor Advisory |
https://docs.pingidentity.com/bundle/pingid/page/zhy1653552428545.html | Release Notes Vendor Advisory |
https://www.pingidentity.com/en/resources/downloads/pingid.html | Product Vendor Advisory |
Configurations
History
21 Nov 2024, 06:49
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 4.9
v3 : 5.0 |
References | () https://docs.pingidentity.com/bundle/pingid/page/zhy1653552428545.html - Release Notes, Vendor Advisory | |
References | () https://www.pingidentity.com/en/resources/downloads/pingid.html - Product, Vendor Advisory |
Information
Published : 2022-06-30 20:15
Updated : 2024-11-21 06:49
NVD link : CVE-2022-23717
Mitre link : CVE-2022-23717
CVE.ORG link : CVE-2022-23717
JSON object : View
Products Affected
pingidentity
- pingid_integration_for_windows_login
CWE
CWE-404
Improper Resource Shutdown or Release