2 results (0.002 seconds)

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

A first-factor authentication bypass vulnerability exists in the PingFederate with PingID Radius PCV when a MSCHAP authentication request is sent via a maliciously crafted RADIUS client request. Existe una vulnerabilidad de omisión de autenticación de primer factor en PingFederate con PingID Radius PCV cuando se envía una solicitud de autenticación MSCHAP a través de una solicitud de cliente RADIUS manipulada con fines malintencionados. • https://docs.pingidentity.com/r/en-us/pingid/pingid_integration_kit_2_26_rn https://www.pingidentity.com/en/resources/downloads/pingfederate.html • CWE-288: Authentication Bypass Using an Alternate Path or Channel CWE-306: Missing Authentication for Critical Function •

CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0

The PingID RADIUS PCV adapter for PingFederate, which supports RADIUS authentication with PingID MFA, is vulnerable to MFA bypass under certain configurations. • https://docs.pingidentity.com/r/en-us/pingid/pingid_integration_kit_2_19_rn • CWE-287: Improper Authentication CWE-305: Authentication Bypass by Primary Weakness •