CVE-2022-40722

CVSS V2 None CVSS V3 None
Description
A misconfiguration of RSA padding implemented in the PingID Adapter for PingFederate to support Offline MFA with PingID mobile authenticators is vulnerable to pre-computed dictionary attacks, leading to a bypass of offline MFA.
Overview
  • CVE ID
  • CVE-2022-40722
  • Assigner
  • responsible-disclosure@pingidentity.com
  • Vulnerability Status
  • Received
  • Published Version
  • 2023-04-25T19:15:10
  • Last Modified Date
  • 2023-04-25T19:15:10
History
Created Old Value New Value Data Type Notes
2023-04-25 20:02:34 Added to TrackCVE
2023-04-25 20:02:37 Weakness Enumeration new