PingID Desktop prior to the latest released version 1.7.4 contains a vulnerability that can be exploited to bypass the maximum PIN attempts permitted before the time-based lockout is activated.
References
Link | Resource |
---|---|
https://docs.pingidentity.com/r/en-us/pingid/desktop_app_1.7.4 | Release Notes |
Configurations
History
04 May 2023, 19:52
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:pingidentity:desktop:*:*:*:*:*:*:*:* | |
CWE | CWE-306 | |
References | (MISC) https://docs.pingidentity.com/r/en-us/pingid/desktop_app_1.7.4 - Release Notes | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.1 |
25 Apr 2023, 19:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-04-25 19:15
Updated : 2024-02-04 23:37
NVD link : CVE-2022-40725
Mitre link : CVE-2022-40725
CVE.ORG link : CVE-2022-40725
JSON object : View
Products Affected
pingidentity
- desktop