CVE-2023-40148

Server-side request forgery (SSRF) in PingFederate allows unauthenticated http requests to attack network resources and consume server-side resources via forged HTTP POST requests.
Configurations

No configuration.

History

21 Nov 2024, 08:18

Type Values Removed Values Added
References () https://docs.pingidentity.com/r/en-us/pingfederate-120/tuj1708533127032 - () https://docs.pingidentity.com/r/en-us/pingfederate-120/tuj1708533127032 -
References () https://www.pingidentity.com/en/resources/downloads/pingfederate/previous-releases.html - () https://www.pingidentity.com/en/resources/downloads/pingfederate/previous-releases.html -
Summary
  • (es) Server-Side Request Forgery (SSRF) en PingFederate permite que las solicitudes http no autenticadas ataquen recursos de la red y consuman recursos del lado del servidor a través de solicitudes HTTP POST falsificadas.

10 Apr 2024, 00:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-04-10 00:15

Updated : 2024-11-21 08:18


NVD link : CVE-2023-40148

Mitre link : CVE-2023-40148

CVE.ORG link : CVE-2023-40148


JSON object : View

Products Affected

No product.

CWE
CWE-918

Server-Side Request Forgery (SSRF)