Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2024-21832
HistoryJul 09, 2024 - 11:15 p.m.

CVE-2024-21832

2024-07-0923:15:10
CWE-94
[email protected]
web.nvd.nist.gov
11
pingfederate
json injection
rest api
post method
security
cve-2024-21832

CVSS3

3.5

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N

EPSS

0

Percentile

9.2%

JSON

A potential JSON injection attack vector exists in PingFederate REST API data stores using the POST method and a JSON request body.

Related

cvelist 1
cve 1
vulnrichment 1
cvelist
cvelist
CVE-2024-21832 PingFederate REST API Data Store Injection
2024-07-09 23:04:55
cve
cve
CVE-2024-21832
2024-07-09 23:15:10
vulnrichment
vulnrichment
CVE-2024-21832 PingFederate REST API Data Store Injection
2024-07-09 23:04:55

CVSS3

3.5

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N

EPSS

0

Percentile

9.2%

JSON
Related for NVD:CVE-2024-21832
cvelist1cve1vulnrichment1