VYPR

PingID Desktop

by Pingidentity

CVEs (2)

  • CVE-2022-40725Apr 25, 2023
    risk 0.00cvss epss 0.00

    PingID Desktop prior to the latest released version 1.7.4 contains a vulnerability that can be exploited to bypass the maximum PIN attempts permitted before the time-based lockout is activated.

  • CVE-2021-42001Apr 30, 2022
    risk 0.00cvss epss 0.00

    PingID Desktop prior to 1.7.3 has a misconfiguration in the encryption libraries which can lead to sensitive data exposure. An attacker capable of exploiting this vulnerability may be able to successfully complete an MFA challenge via OTP.