2 matches found
CVE-2024-23316
CVE-2024-23316 affects Ping Identity PingAccess. All versions prior to 8.0.1 are vulnerable to HTTP request desynchronization that allows a crafted HTTP header to induce a request-smuggling condition for proxied requests. This is a network‑vector issue with high impact (CVSS 4.0 base score 8.8) a...
CVE-2024-23316 PingAccess HTTP Request Desynchronization Weakness
HTTP request desynchronization in Ping Identity PingAccess, all versions prior to 8.0.1 affected allows an attacker to send specially crafted http header requests to create a request smuggling condition for proxied requests...