Skip to main content

Pingone Mfa Integration Kit

2 CVEs product

Monthly

CVE-2023-39231 MEDIUM This Month

PingFederate using the PingOne MFA adapter allows a new MFA device to be paired without requiring second factor authentication from an existing registered device. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Pingone Mfa Integration Kit
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2022-23723 HIGH This Week

An MFA bypass vulnerability exists in the PingFederate PingOne MFA Integration Kit when adapter HTML templates are used as part of an authentication flow. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Pingone Mfa Integration Kit
NVD
CVSS 3.1
7.7
EPSS
0.8%
EPSS 1% CVSS 6.5
MEDIUM This Month

PingFederate using the PingOne MFA adapter allows a new MFA device to be paired without requiring second factor authentication from an existing registered device. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Pingone Mfa Integration Kit
NVD
EPSS 1% CVSS 7.7
HIGH This Week

An MFA bypass vulnerability exists in the PingFederate PingOne MFA Integration Kit when adapter HTML templates are used as part of an authentication flow. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Pingone Mfa Integration Kit
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy