CVE-2024-25566

CVSS V2 None CVSS V3 None

Description

An Open-Redirect vulnerability exists in PingAM where well-crafted requests may cause improper validation of redirect URLs. This could allow an attacker to redirect end-users to malicious sites under their control, simplifying phishing attacks

Overview

CVE ID
CVE-2024-25566

Assigner
Ping Identity

Vulnerability Status
PUBLISHED

Published Version
2024-10-29T15:34:53.358Z

Last Modified Date
2024-10-29T19:58:25.775Z

Weakness Enumerations

CWE	URL
CWE-601	http://cwe.mitre.org/data/definitions/601.html

References

Reference URL	Reference Tags
https://backstage.forgerock.com/downloads/browse/am/featured
https://backstage.forgerock.com/knowledge/advisories/article/a63463303

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2024-25566
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-25566

History

Created	Old Value	New Value	Data Type	Notes
2024-10-30 13:50:01				Added to TrackCVE