Vulnerabilities > Pingidentity > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-06 | CVE-2023-40545 | Missing Authentication for Critical Function vulnerability in Pingidentity Pingfederate 11.3.0 Authentication bypass when an OAuth2 Client is using client_secret_jwt as its authentication method on affected 11.3 versions via specially crafted requests. | 9.8 |
| 2023-10-25 | CVE-2023-37283 | Improper Authentication vulnerability in Pingidentity Pingfederate Under a very specific and highly unrecommended configuration, authentication bypass is possible in the PingFederate Identifier First Adapter | 9.8 |
| 2023-10-25 | CVE-2023-39930 | Missing Authentication for Critical Function vulnerability in Pingidentity Pingid Radius PCV 3.0.0 A first-factor authentication bypass vulnerability exists in the PingFederate with PingID Radius PCV when a MSCHAP authentication request is sent via a maliciously crafted RADIUS client request. | 9.8 |
| 2022-04-30 | CVE-2021-42001 | Unspecified vulnerability in Pingidentity Pingid Desktop PingID Desktop prior to 1.7.3 has a misconfiguration in the encryption libraries which can lead to sensitive data exposure. | 9.9 |
| 2021-09-27 | CVE-2021-40329 | Unspecified vulnerability in Pingidentity Pingfederate The Authentication API in Ping Identity PingFederate before 10.3 mishandles certain aspects of external password management. | 9.8 |
| 2020-05-13 | CVE-2020-10654 | Out-of-bounds Write vulnerability in Pingidentity Pingid SSH Integration Ping Identity PingID SSH before 4.0.14 contains a heap buffer overflow in PingID-enrolled servers. | 9.8 |
| 2018-03-16 | CVE-2018-1000134 | Weak Password Requirements vulnerability in Pingidentity Ldapsdk UnboundID LDAP SDK version from commit 801111d8b5c732266a5dbd4b3bb0b6c7b94d7afb up to commit 8471904a02438c03965d21367890276bc25fa5a6, where the issue was reported and fixed contains an Incorrect Access Control vulnerability in process function in SimpleBindRequest class doesn't check for empty password when running in synchronous mode. | 9.8 |