CVE-2022-23726
https://notcve.org/view.php?id=CVE-2022-23726
PingCentral versions prior to listed versions expose Spring Boot actuator endpoints that with administrative authentication return large amounts of sensitive environmental and application information. PingCentral versiones anteriores a las enumeradas exponen endpoints de actuadores de Spring Boot que, con autenticación administrativa, devuelven grandes cantidades de información confidencial del entorno y de la aplicación • https://docs.pingidentity.com/bundle/pingcentral-110/page/sdd1651696160285.html https://www.pingidentity.com/en/resources/downloads/pingcentral.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-732: Incorrect Permission Assignment for Critical Resource •