CVE-2021-40329

🗓️ 27 Sep 2021 16:22:11Reported by Ping IdentityType

The Authentication API in Ping Identity PingFederate before 10.3 mishandles certain aspects of external password management

Reporter	Title	Published	Views	Family All 6
Circl	CVE-2021-40329	27 Sep 202120:35	–	circl
CNNVD	Ping Identity PingFederate 加密问题漏洞	27 Sep 202100:00	–	cnnvd
Cvelist	CVE-2021-40329	27 Sep 202116:22	–	cvelist
EUVD	EUVD-2021-27509	3 Oct 202520:07	–	euvd
NVD	CVE-2021-40329	27 Sep 202117:15	–	nvd
Prion	Authentication flaw	27 Sep 202117:15	–	prion

NVD

Node

pingidentity pingfederateRange<10.3

[
  {
    "product": "PingFederate",
    "vendor": "Ping Identity",
    "versions": [
      {
        "status": "affected",
        "version": "9.2.3"
      }
    ]
  },
  {
    "product": "PingFederate",
    "vendor": "Ping Identity",
    "versions": [
      {
        "status": "affected",
        "version": "9.3.3"
      }
    ]
  },
  {
    "product": "PingFederate",
    "vendor": "Ping Identity",
    "versions": [
      {
        "status": "affected",
        "version": "10.0.9"
      }
    ]
  },
  {
    "product": "PingFederate",
    "vendor": "Ping Identity",
    "versions": [
      {
        "status": "affected",
        "version": "10.1.6"
      }
    ]
  },
  {
    "product": "PingFederate",
    "vendor": "Ping Identity",
    "versions": [
      {
        "status": "affected",
        "version": "10.2.3"
      }
    ]
  }
]

Source	Link
docs	www.docs.pingidentity.com/bundle/pingfederate-103/page/cou1615333347158.html

21 Nov 2024 06:23Current

9.5High risk

Vulners AI Score9.5

CVSS 27.5

CVSS 3.19.8

EPSS0.00404