CVE-2023-37283

Summary

Under a very specific and highly unrecommended configuration, authentication bypass is possible in the PingFederate Identifier First Adapter

Affected Software

VendorProductVersion RangeStatus
Ping IdentityPingFederate11.3 <= 11.3.0affected
Ping IdentityPingFederate11.2.0 <= 11.2.6affected
Ping IdentityPingFederate11.1.0 <= 11.1.7affected
Ping IdentityPingFederate10.3.0 <= 10.3.12affected

Weaknesses

  • CWE-287: CWE-287 Improper Authentication

ADP Enrichment

CVE Program Container

Additional References

References