Pingidentity
Products (20)
- 19 CVEs
- 9 CVEs
- 4 CVEs
- 4 CVEs
- 3 CVEs
- 2 CVEs
- 2 CVEs
- 2 CVEs
- 2 CVEs
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 0 CVEs
Recent CVEs
| CVE | Sev | Risk | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|---|
| CVE-2025-20059 | Critical | 0.59 | 9.1 | 0.01 | Feb 20, 2025 | Relative Path Traversal vulnerability in Ping Identity PingAM Java Policy Agent allows Parameter Injection. This issue affects PingAM Java Policy Agent: through 5.10.3, through 2023.11.1, through 2024.9. |
| CVE-2023-40356 | High | 0.57 | — | 0.00 | Jul 9, 2024 | PingOne MFA Integration Kit contains a vulnerability related to the Prompt Users to Set Up MFA configuration. Under certain conditions, this configuration could allow for a new MFA device to be paired with a target user account without requiring second-factor authentication from… |
| CVE-2024-23316 | High | 0.57 | — | 0.01 | May 31, 2024 | HTTP request desynchronization in Ping Identity PingAccess, all versions prior to 8.0.1 affected, allows an attacker to send specially crafted HTTP header requests to create a request smuggling condition for proxied requests. |
| CVE-2025-27935 | High | 0.56 | — | 0.00 | Dec 4, 2025 | The OTP Integration Kit for PingFederate fails to enforce HTTP method validation and state validation properly. The server advances the authentication state without verifying the OTP, thereby bypassing multi-factor authentication. |
| CVE-2017-6062 | High | 0.56 | 8.6 | 0.04 | Mar 2, 2017 | The "OpenID Connect Relying Party and OAuth 2.0 Resource Server" (aka mod_auth_openidc) module before 2.1.5 for the Apache HTTP Server does not skip OIDC_CLAIM_ and OIDCAuthNHeader headers in an "OIDCUnAuthAction pass" configuration, which allows remote attackers to bypass… |
| CVE-2023-40702 | High | 0.50 | — | 0.00 | Jul 9, 2024 | PingOne MFA Integration Kit contains a vulnerability where the skipMFA action can be configured such that user authentication does not require the second factor authentication from the user's existing registered devices. A threat actor might be able to exploit this vulnerability… |
| CVE-2017-6059 | High | 0.49 | 7.5 | 0.05 | Apr 12, 2017 | Mod_auth_openidc.c in the Ping Identity OpenID Connect authentication module for Apache (aka mod_auth_openidc) before 2.14 allows remote attackers to spoof page content via a malicious URL provided to the user, which triggers an invalid request. |
| CVE-2025-20628 | Medium | 0.45 | — | 0.00 | Apr 7, 2026 | An insufficient granularity of access control vulnerability exists in PingIDM (formerly ForgeRock Identity Management) where administrators cannot properly configure access rules for Remote Connector Servers (RCS) running in client mode. This means attackers can spoof a… |
| CVE-2024-25573 | Medium | 0.45 | — | 0.00 | Jun 15, 2025 | Unsanitized user-supplied data saved in the PingFederate Administrative Console could trigger the execution of JavaScript code in subsequent user processing. |
| CVE-2025-22854 | Medium | 0.45 | — | 0.00 | Jun 15, 2025 | Improper handling of non-200 HTTP responses in the PingFederate Google Adapter leads to thread exhaustion under normal usage conditions. |
| CVE-2023-40148 | Medium | 0.42 | 6.5 | 0.00 | Apr 10, 2024 | Server-side request forgery (SSRF) in PingFederate allows unauthenticated HTTP requests to attack network resources and consume server-side resources via forged HTTP POST requests. |
| CVE-2026-20746 | Medium | 0.41 | — | 0.00 | Jun 12, 2026 | Virtual attribute handling in Ping Identity PingDirectory in affected versions allows only authorized users to exhaust the Java memory heap when recent login history is enabled and copying virtual attributes that reference ds-privilege-name values. |
| CVE-2024-23983 | Medium | 0.38 | — | 0.00 | Nov 11, 2024 | Improper handling of canonical URL-encoding may lead to a bypass not properly constrained by request rules. |
| CVE-2024-21832 | Low | 0.23 | 3.5 | 0.00 | Jul 9, 2024 | A potential JSON injection attack vector exists in PingFederate REST API data stores using the POST method and a JSON request body. |
| CVE-2024-23600 | Low | 0.18 | 2.7 | 0.01 | Aug 1, 2024 | Improper Input Validation of query search results for private field data in PingIDM (Query Filter module) allows for a potentially efficient brute forcing approach leading to information disclosure. |
| CVE-2025-21085 | Low | 0.14 | — | 0.00 | Jun 15, 2025 | PingFederate OAuth2 grant duplication in PostgreSQL persistent storage allows OAuth2 requests to use excessive memory utilization. |
| CVE-2020-10654 | — | 0.01 | — | 0.03 | May 13, 2020 | Ping Identity PingID SSH before 4.0.14 contains a heap buffer overflow in PingID-enrolled servers. This condition can be potentially exploited into a Remote Code Execution vector on the authenticating endpoint. |
| CVE-2025-26862 | None | 0.00 | — | 0.00 | Oct 27, 2025 | Unexpected authentication form rendering in HTML Form Adapter using only non-default redirectless mode in PingFederate allows authentication attempts which may enable brute force login attacks. |
| CVE-2024-22377 | — | 0.00 | — | 0.00 | Jul 9, 2024 | The deploy directory in PingFederate runtime nodes is reachable to unauthorized users. |
| CVE-2024-22477 | — | 0.00 | — | 0.00 | Jul 9, 2024 | A cross-site scripting vulnerability exists in the admin console OIDC Policy Management Editor. The impact is contained to admin console users only. |