Vulnerabilities > Pingidentity > Pingone MFA Integration KIT
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-10-25 | CVE-2023-39231 | Missing Authentication for Critical Function vulnerability in Pingidentity Pingone MFA Integration KIT 2.2 PingFederate using the PingOne MFA adapter allows a new MFA device to be paired without requiring second factor authentication from an existing registered device. | 6.5 |
2022-05-02 | CVE-2022-23723 | Improper Authentication vulnerability in Pingidentity Pingone MFA Integration KIT An MFA bypass vulnerability exists in the PingFederate PingOne MFA Integration Kit when adapter HTML templates are used as part of an authentication flow. | 5.0 |