CVE-2022-23717

PingID Windows Login prior to 2.8 is vulnerable to a denial of service condition on local machines when combined with using offline security keys as part of authentication.
Configurations

Configuration 1 (hide)

cpe:2.3:a:pingidentity:pingid_integration_for_windows_login:*:*:*:*:*:*:*:*

History

21 Nov 2024, 06:49

Type Values Removed Values Added
CVSS v2 : 4.9
v3 : 5.5
v2 : 4.9
v3 : 5.0
References () https://docs.pingidentity.com/bundle/pingid/page/zhy1653552428545.html - Release Notes, Vendor Advisory () https://docs.pingidentity.com/bundle/pingid/page/zhy1653552428545.html - Release Notes, Vendor Advisory
References () https://www.pingidentity.com/en/resources/downloads/pingid.html - Product, Vendor Advisory () https://www.pingidentity.com/en/resources/downloads/pingid.html - Product, Vendor Advisory

Information

Published : 2022-06-30 20:15

Updated : 2024-11-21 06:49


NVD link : CVE-2022-23717

Mitre link : CVE-2022-23717

CVE.ORG link : CVE-2022-23717


JSON object : View

Products Affected

pingidentity

  • pingid_integration_for_windows_login
CWE
CWE-404

Improper Resource Shutdown or Release