Unrated severityNVD Advisory· Published Feb 6, 2024· Updated Aug 22, 2024
PingFederate OAuth client_secret_jwt Authentication Bypass
CVE-2023-40545
Description
Authentication bypass when an OAuth2 Client is using client_secret_jwt as its authentication method on affected 11.3 versions via specially crafted requests.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
211.3+ 1 more
- (no CPE)range: 11.3
- (no CPE)range: 11.3.0
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.