Vulnerabilities > Pingidentity > Pingid Integration KIT > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-04-25 CVE-2022-40722 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Pingidentity products
A misconfiguration of RSA padding implemented in the PingID Adapter for PingFederate to support Offline MFA with PingID mobile authenticators is vulnerable to pre-computed dictionary attacks, leading to a bypass of offline MFA.
network
high complexity
pingidentity CWE-327
5.8
2023-04-25 CVE-2022-40723 Improper Authentication vulnerability in Pingidentity Pingfederate, Pingid Integration KIT and Radius PCV
The PingID RADIUS PCV adapter for PingFederate, which supports RADIUS authentication with PingID MFA, is vulnerable to MFA bypass under certain configurations.
network
low complexity
pingidentity CWE-287
6.5