VYPR

Vendor CVEs

Pingidentity

All CVEs

54 total · sorted by risk
  • CVE-2025-20059CriFeb 20, 2025
    risk 0.59cvss 9.1epss 0.01

    Relative Path Traversal vulnerability in Ping Identity PingAM Java Policy Agent allows Parameter Injection.This issue affects PingAM Java Policy Agent: through 5.10.3, through 2023.11.1, through 2024.9.

  • CVE-2023-40356HigJul 9, 2024
    risk 0.57cvss epss 0.00

    PingOne MFA Integration Kit contains a vulnerability related to the Prompt Users to Set Up MFA configuration. Under certain conditions, this configuration could allow for a new MFA device to be paired with a target user account without requiring second-factor authentication from…

  • CVE-2024-23316HigMay 31, 2024
    risk 0.57cvss epss 0.01

    HTTP request desynchronization in Ping Identity PingAccess, all versions prior to 8.0.1 affected allows an attacker to send specially crafted http header requests to create a request smuggling condition for proxied requests.

  • CVE-2025-27935HigDec 4, 2025
    risk 0.56cvss epss 0.00

    The OTP Integration Kit for PingFederate fails to enforce HTTP method validation and state validation properly. The server advances the authentication state without verifying the OTP, thereby bypassing multi-factor authentication.

  • CVE-2017-6062HigMar 2, 2017
    risk 0.56cvss 8.6epss 0.04

    The "OpenID Connect Relying Party and OAuth 2.0 Resource Server" (aka mod_auth_openidc) module before 2.1.5 for the Apache HTTP Server does not skip OIDC_CLAIM_ and OIDCAuthNHeader headers in an "OIDCUnAuthAction pass" configuration, which allows remote attackers to bypass…

  • CVE-2023-40702HigJul 9, 2024
    risk 0.50cvss epss 0.00

    PingOne MFA Integration Kit contains a vulnerability where the skipMFA action can be configured such that user authentication does not require the second factor authentication from the user's existing registered devices. A threat actor might be able to exploit this vulnerability…

  • CVE-2017-6059HigApr 12, 2017
    risk 0.49cvss 7.5epss 0.05

    Mod_auth_openidc.c in the Ping Identity OpenID Connect authentication module for Apache (aka mod_auth_openidc) before 2.14 allows remote attackers to spoof page content via a malicious URL provided to the user, which triggers an invalid request.

  • CVE-2025-20628MedApr 7, 2026
    risk 0.45cvss epss 0.00

    An insufficient granularity of access control vulnerability exists in PingIDM (formerly ForgeRock Identity Management) where administrators cannot properly configure access rules for Remote Connector Servers (RCS) running in client mode. This means attackers can spoof a…

  • CVE-2024-25573MedJun 15, 2025
    risk 0.45cvss epss 0.00

    Unsanitized user-supplied data saved in the PingFederate Administrative Console could trigger the execution of JavaScript code in subsequent user processing.

  • CVE-2025-22854MedJun 15, 2025
    risk 0.45cvss epss 0.00

    Improper handling of non-200 http responses in the PingFederate Google Adapter leads to thread exhaustion under normal usage conditions.

  • CVE-2023-40148MedApr 10, 2024
    risk 0.42cvss 6.5epss 0.00

    Server-side request forgery (SSRF) in PingFederate allows unauthenticated http requests to attack network resources and consume server-side resources via forged HTTP POST requests.

  • CVE-2026-20746MedJun 12, 2026
    risk 0.41cvss epss 0.00

    Virtual attribute handling in Ping Identity PingDirectory in affected versions allows only authorized users to exhaust java memory heap when recent login history is enabled and copying virtual attributes that reference ds-privilege-name values.

  • CVE-2024-23983MedNov 11, 2024
    risk 0.38cvss epss 0.00

    Improper handling of canonical URL-encoding may lead to bypass not properly constrained by request rules.

  • CVE-2024-21832LowJul 9, 2024
    risk 0.23cvss 3.5epss 0.00

    A potential JSON injection attack vector exists in PingFederate REST API data stores using the POST method and a JSON request body.

  • CVE-2024-23600LowAug 1, 2024
    risk 0.18cvss 2.7epss 0.01

    Improper Input Validation of query search results for private field data in PingIDM (Query Filter module) allows for a potentially efficient brute forcing approach leading to information disclosure.

  • CVE-2025-21085LowJun 15, 2025
    risk 0.14cvss epss 0.00

    PingFederate OAuth2 grant duplication in PostgreSQL persistent storage allows OAuth2 requests to use excessive memory utilization.

  • CVE-2020-10654May 13, 2020
    risk 0.01cvss epss 0.03

    Ping Identity PingID SSH before 4.0.14 contains a heap buffer overflow in PingID-enrolled servers. This condition can be potentially exploited into a Remote Code Execution vector on the authenticating endpoint.

  • CVE-2025-26862NonOct 27, 2025
    risk 0.00cvss epss 0.00

    Unexpected authentication form rendering in HTML Form Adapter using only non-default redirectless mode in PingFederate allows authentication attempts which may enable brute force login attacks.

  • CVE-2024-22377Jul 9, 2024
    risk 0.00cvss epss 0.00

    The deploy directory in PingFederate runtime nodes is reachable to unauthorized users.

  • CVE-2024-22477Jul 9, 2024
    risk 0.00cvss epss 0.00

    A cross-site scripting vulnerability exists in the admin console OIDC Policy Management Editor. The impact is contained to admin console users only.

  • CVE-2023-40545Feb 6, 2024
    risk 0.00cvss epss 0.01

    Authentication bypass when an OAuth2 Client is using client_secret_jwt as its authentication method on affected 11.3 versions via specially crafted requests.

  • CVE-2023-34085Oct 25, 2023
    risk 0.00cvss epss 0.00

    When an AWS DynamoDB table is used for user attribute storage, it is possible to retrieve the attributes of another user using a maliciously crafted request

  • CVE-2023-39219Oct 25, 2023
    risk 0.00cvss epss 0.01

    PingFederate Administrative Console dependency contains a weakness where console becomes unresponsive with crafted Java class loading enumeration requests

  • CVE-2023-37283Oct 25, 2023
    risk 0.00cvss epss 0.01

    Under a very specific and highly unrecommended configuration, authentication bypass is possible in the PingFederate Identifier First Adapter

  • CVE-2023-39930Oct 24, 2023
    risk 0.00cvss epss 0.01

    A first-factor authentication bypass vulnerability exists in the PingFederate with PingID Radius PCV when a MSCHAP authentication request is sent via a maliciously crafted RADIUS client request.

  • CVE-2023-39231Oct 24, 2023
    risk 0.00cvss epss 0.01

    PingFederate using the PingOne MFA adapter allows a new MFA device to be paired without requiring second factor authentication from an existing registered device. A threat actor may be able to exploit this vulnerability to register their own MFA device if they have knowledge of…

  • CVE-2022-40724Apr 25, 2023
    risk 0.00cvss epss 0.00

    The PingFederate Local Identity Profiles '/pf/idprofile.ping' endpoint is vulnerable to Cross-Site Request Forgery (CSRF) through crafted GET requests.

  • CVE-2022-40723Apr 25, 2023
    risk 0.00cvss epss 0.01

    The PingID RADIUS PCV adapter for PingFederate, which supports RADIUS authentication with PingID MFA, is vulnerable to MFA bypass under certain configurations.

  • CVE-2022-40725Apr 25, 2023
    risk 0.00cvss epss 0.00

    PingID Desktop prior to the latest released version 1.7.4 contains a vulnerability that can be exploited to bypass the maximum PIN attempts permitted before the time-based lockout is activated.

  • CVE-2022-40722Apr 25, 2023
    risk 0.00cvss epss 0.00

    A misconfiguration of RSA padding implemented in the PingID Adapter for PingFederate to support Offline MFA with PingID mobile authenticators is vulnerable to pre-computed dictionary attacks, leading to a bypass of offline MFA.

  • CVE-2022-23721Apr 25, 2023
    risk 0.00cvss epss 0.00

    PingID integration for Windows login prior to 2.9 does not handle duplicate usernames, which can lead to a username collision when two people with the same username are provisioned onto the same machine at different times.

  • CVE-2018-25084Apr 10, 2023
    risk 0.00cvss epss 0.01

    A vulnerability, which was classified as problematic, has been found in Ping Identity Self-Service Account Manager 1.1.2. Affected by this issue is some unknown functionality of the file src/main/java/com/unboundid/webapp/ssam/SSAMController.java. The manipulation leads to cross…

  • CVE-2022-23726Sep 30, 2022
    risk 0.00cvss epss 0.01

    PingCentral versions prior to listed versions expose Spring Boot actuator endpoints that with administrative authentication return large amounts of sensitive environmental and application information.

  • CVE-2022-23725Jun 30, 2022
    risk 0.00cvss epss 0.00

    PingID Windows Login prior to 2.8 does not properly set permissions on the Windows Registry entries used to store sensitive API keys under some circumstances.

  • CVE-2022-23720Jun 30, 2022
    risk 0.00cvss epss 0.00

    PingID Windows Login prior to 2.8 does not alert or halt operation if it has been provisioned with the full permissions PingID properties file. An IT administrator could mistakenly deploy administrator privileged PingID API credentials, such as those typically used by…

  • CVE-2022-23719Jun 30, 2022
    risk 0.00cvss epss 0.00

    PingID Windows Login prior to 2.8 does not authenticate communication with a local Java service used to capture security key requests. An attacker with the ability to execute code on the target machine maybe able to exploit and spoof the local Java service using multiple attack…

  • CVE-2022-23718Jun 30, 2022
    risk 0.00cvss epss 0.02

    PingID Windows Login prior to 2.8 uses known vulnerable components that can lead to remote code execution. An attacker capable of achieving a sophisticated man-in-the-middle position, or to compromise Ping Identity web servers, could deliver malicious code that would be executed…

  • CVE-2022-23717Jun 30, 2022
    risk 0.00cvss epss 0.00

    PingID Windows Login prior to 2.8 is vulnerable to a denial of service condition on local machines when combined with using offline security keys as part of authentication.

  • CVE-2021-41995Jun 30, 2022
    risk 0.00cvss epss 0.01

    A misconfiguration of RSA in PingID Mac Login prior to 1.1 is vulnerable to pre-computed dictionary attacks, leading to an offline MFA bypass.

  • CVE-2022-23724May 4, 2022
    risk 0.00cvss epss 0.00

    Use of static encryption key material allows forging an authentication token to other users within a tenant organization. MFA may be bypassed by redirecting an authentication flow to a target user. To exploit the vulnerability, must have compromised user credentials.

  • CVE-2022-23723May 2, 2022
    risk 0.00cvss epss 0.01

    An MFA bypass vulnerability exists in the PingFederate PingOne MFA Integration Kit when adapter HTML templates are used as part of an authentication flow.

  • CVE-2022-23722May 2, 2022
    risk 0.00cvss epss 0.01

    When a password reset mechanism is configured to use the Authentication API with an Authentication Policy, email One-Time Password, PingID or SMS authentication, an existing user can reset another existing user’s password.

  • CVE-2021-42001Apr 30, 2022
    risk 0.00cvss epss 0.00

    PingID Desktop prior to 1.7.3 has a misconfiguration in the encryption libraries which can lead to sensitive data exposure. An attacker capable of exploiting this vulnerability may be able to successfully complete an MFA challenge via OTP.

  • CVE-2021-41994Apr 30, 2022
    risk 0.00cvss epss 0.00

    A misconfiguration of RSA in PingID iOS app prior to 1.19 is vulnerable to pre-computed dictionary attacks, leading to an offline MFA bypass when using PingID Windows Login.

  • CVE-2021-41993Apr 30, 2022
    risk 0.00cvss epss 0.00

    A misconfiguration of RSA in PingID Android app prior to 1.19 is vulnerable to pre-computed dictionary attacks, leading to an offline MFA bypass when using PingID Windows Login.

  • CVE-2021-41992Apr 30, 2022
    risk 0.00cvss epss 0.00

    A misconfiguration of RSA in PingID Windows Login prior to 2.7 is vulnerable to pre-computed dictionary attacks, leading to an offline MFA bypass.

  • CVE-2021-42000Feb 10, 2022
    risk 0.00cvss epss 0.01

    When a password reset or password change flow with an authentication policy is configured and the adapter in the reset or change policy supports multiple parallel reset flows, an existing user can reset another existing users password.

  • CVE-2021-41770Oct 7, 2021
    risk 0.00cvss epss 0.01

    Ping Identity PingFederate before 10.3.1 mishandles pre-parsing validation, leading to an XXE attack that can achieve XML file disclosure.

  • CVE-2021-40329Sep 27, 2021
    risk 0.00cvss epss 0.01

    The Authentication API in Ping Identity PingFederate before 10.3 mishandles certain aspects of external password management.

  • CVE-2021-31923Sep 24, 2021
    risk 0.00cvss epss 0.01

    Ping Identity PingAccess before 5.3.3 allows HTTP request smuggling via header manipulation.

Page 1 of 2