Vulnerabilities > Pingidentity > Pingid Integration KIT > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-04-25 | CVE-2022-40722 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Pingidentity products A misconfiguration of RSA padding implemented in the PingID Adapter for PingFederate to support Offline MFA with PingID mobile authenticators is vulnerable to pre-computed dictionary attacks, leading to a bypass of offline MFA. | 5.8 |
2023-04-25 | CVE-2022-40723 | Improper Authentication vulnerability in Pingidentity Pingfederate, Pingid Integration KIT and Radius PCV The PingID RADIUS PCV adapter for PingFederate, which supports RADIUS authentication with PingID MFA, is vulnerable to MFA bypass under certain configurations. | 6.5 |