Vulnerabilities > Pingidentity > Pingid Integration FOR Windows Login > High

DATE	CVE	VULNERABILITY TITLE	RISK
2022-06-30	CVE-2022-23718	Unspecified vulnerability in Pingidentity Pingid Integration for Windows Login PingID Windows Login prior to 2.8 uses known vulnerable components that can lead to remote code execution. network high complexity pingidentity	8.1
2022-06-30	CVE-2022-23720	Improper Privilege Management vulnerability in Pingidentity Pingid Integration for Windows Login PingID Windows Login prior to 2.8 does not alert or halt operation if it has been provisioned with the full permissions PingID properties file. local low complexity pingidentity CWE-269	8.2
2022-05-04	CVE-2022-23724	Use of Hard-coded Credentials vulnerability in Pingidentity Pingid Integration for Windows Login Use of static encryption key material allows forging an authentication token to other users within a tenant organization. network low complexity pingidentity CWE-798	8.1
2020-09-23	CVE-2020-25826	Incorrect Permission Assignment for Critical Resource vulnerability in Pingidentity Pingid Integration for Windows Login PingID Integration for Windows Login before 2.4.2 allows local users to gain privileges by modifying CefSharp.BrowserSubprocess.exe. local low complexity pingidentity CWE-732	7.8

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.