Pingidm
Monthly
Remote attackers can spoof client-mode Remote Connector Servers in PingIDM to intercept and modify identity security properties including passwords and account recovery information, due to insufficient access control granularity that prevents administrators from properly restricting RCS communications. This vulnerability affects PingIDM deployments using Remote Connector Servers in client mode and requires specific RCS configuration to be exploitable; no public exploit code has been identified at the time of analysis.
Remote attackers can spoof client-mode Remote Connector Servers in PingIDM to intercept and modify identity security properties including passwords and account recovery information, due to insufficient access control granularity that prevents administrators from properly restricting RCS communications. This vulnerability affects PingIDM deployments using Remote Connector Servers in client mode and requires specific RCS configuration to be exploitable; no public exploit code has been identified at the time of analysis.