CVE-2024-23983

CVSS V2 None CVSS V3 None
Description
Improper handling of canonical URL-encoding may lead to bypass not properly constrained by request rules.
Overview
  • CVE ID
  • CVE-2024-23983
  • Assigner
  • Ping Identity
  • Vulnerability Status
  • PUBLISHED
  • Published Version
  • 2024-11-11T22:56:58.036Z
  • Last Modified Date
  • 2024-11-11T22:56:58.036Z
Weakness Enumerations
CWE URL
CWE-20 http://cwe.mitre.org/data/definitions/20.html
CWE-177 http://cwe.mitre.org/data/definitions/177.html
References
Reference URL Reference Tags
https://docs.pingidentity.com/pingaccess/latest/release_notes/pa_811_rn.html
https://www.pingidentity.com/en/resources/downloads/pingaccess.html
Sources
Source Name Source URL
NIST https://nvd.nist.gov/vuln/detail/CVE-2024-23983
MITRE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23983
History
Created Old Value New Value Data Type Notes
2024-11-12 13:22:02 Added to TrackCVE