CVE-2022-23725

🗓️ 30 Jun 2022 19:25:46Reported by Ping IdentityType

cve🔗 web.nvd.nist.gov📰️ 4 Media mentions👁 667 Views

PingID Windows Login permission issu

Reporter	Title	Published	Views	Family All 10
ATTACKERKB	CVE-2022-23725	30 Jun 202220:15	–	attackerkb
BDU FSTEC	The vulnerability of the PingID software for multi-factor authentication of applications in Windows, related to insufficient protection of registration data, allows a perpetrator to access confidential information.	1 Jul 202200:00	–	bdu_fstec
CNNVD	Ping Identity Windows PingId 授权问题漏洞	30 Jun 202200:00	–	cnnvd
Cvelist	CVE-2022-23725 PingID Windows Login prior to 2.8 does not properly set permissions on the Windows Registry entries used to store sensitive API keys under some circumstances	30 Jun 202219:25	–	cvelist
EUVD	EUVD-2022-28661	3 Oct 202520:07	–	euvd
NVD	CVE-2022-23725	30 Jun 202220:15	–	nvd
OSV	CVE-2022-23725	30 Jun 202220:15	–	osv
Prion	Code injection	30 Jun 202220:15	–	prion
Positive Technologies	PT-2022-3285 · Ping Identity · Pingid Windows Login	30 Jun 202200:00	–	ptsecurity
RedhatCVE	CVE-2022-23725	9 Jan 202608:44	–	redhatcve

NVD

Node

pingidentity pingid_integration_for_windows_loginRange<2.8

[
  {
    "platforms": [
      "Windows"
    ],
    "product": "PingID Windows Login",
    "vendor": "Ping Identity",
    "versions": [
      {
        "lessThan": "2.8",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]