Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Pingfederate Security Vulnerabilities - CVSS Score 9 - 10

cve
cve

CVE-2021-40329

The Authentication API in Ping Identity PingFederate before 10.3 mishandles certain aspects of external password management.

9.8CVSS

9.5AI Score

0.002EPSS

2021-09-27 05:15 PM
19
cve
cve

CVE-2023-37283

Under a very specific and highly unrecommended configuration, authentication bypass is possible in the PingFederate Identifier First Adapter

9.8CVSS

9.5AI Score

0.001EPSS

2023-10-25 06:17 PM
16
cve
cve

CVE-2023-40545

Authentication bypass when an OAuth2 Client is using client_secret_jwt as its authentication method on affected 11.3 versions via specially crafted requests.

9.8CVSS

9.5AI Score

0.001EPSS

2024-02-06 06:15 PM
22