CVE-2022-23719

🗓️ 30 Jun 2022 19:25:35Reported by Ping IdentityType

cve🔗 web.nvd.nist.gov📰️ 2 Media mentions👁 66 Views

PingID Windows Login prior to 2.8 allows code execution as SYSTEM or denial of service

Reporter	Title	Published	Views	Family All 10
ATTACKERKB	CVE-2022-23719	30 Jun 202220:15	–	attackerkb
BDU FSTEC	The vulnerability of the PingID software for multi-factor authentication of applications in Windows occurs due to errors in verifying the connection with the local Java service. This allows a perpetrator to execute arbitrary code or cause a service failure.	1 Jul 202200:00	–	bdu_fstec
CNNVD	Ping Identity Windows PingId 访问控制错误漏洞	30 Jun 202200:00	–	cnnvd
Cvelist	CVE-2022-23719 PingID Windows Login prior to 2.8 does not authenticate communication with a local Java service used to capture security key requests	30 Jun 202219:25	–	cvelist
EUVD	EUVD-2022-28655	3 Oct 202520:07	–	euvd
NVD	CVE-2022-23719	30 Jun 202220:15	–	nvd
OSV	CVE-2022-23719	30 Jun 202220:15	–	osv
Prion	Authentication flaw	30 Jun 202220:15	–	prion
Positive Technologies	PT-2022-3284 · Ping Identity · Pingid Windows Login	30 Jun 202200:00	–	ptsecurity
RedhatCVE	CVE-2022-23719	9 Jan 202608:44	–	redhatcve

NVD

Node

pingidentity pingid_integration_for_windows_loginRange<2.8

[
  {
    "platforms": [
      "Windows"
    ],
    "product": "PingID Windows Login",
    "vendor": "Ping Identity",
    "versions": [
      {
        "lessThan": "2.8",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
pingidentity	www.pingidentity.com/en/resources/downloads/pingid.html
docs	www.docs.pingidentity.com/bundle/pingid/page/zhy1653552428545.html

21 Nov 2024 06:49Current

6.7Medium risk

Vulners AI Score6.7

CVSS 3.16.4 - 7.2

CVSS 26.9

EPSS0.00271

pingid windows login cve-2022-23719 code execution system denial of service security key authentication nvd