CVE-2022-23720

PingID Windows Login prior to 2.8 does not alert or halt operation if it has been provisioned with the full permissions PingID properties file

Severity Score

8.2

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

PingID Windows Login prior to 2.8 does not alert or halt operation if it has been provisioned with the full permissions PingID properties file. An IT administrator could mistakenly deploy administrator privileged PingID API credentials, such as those typically used by PingFederate, into PingID Windows Login user endpoints. Using sensitive full permissions properties file outside of a privileged trust boundary leads to an increased risk of exposure or discovery, and an attacker could leverage these credentials to perform administrative actions against PingID APIs or endpoints.

PingID Windows Login versiones anteriores a 2.8, no alerta o detiene la operación si ha sido provisto con el archivo de propiedades de PingID con todos los permisos. Un administrador de TI podría desplegar por error credenciales de API PingID con privilegios de administrador, como los usados típicamente por PingFederate, en los endpoints de usuario de PingID Windows Login. El uso de un archivo de propiedades de permisos completos confidenciales fuera de un límite confiable privilegiado conlleva a un mayor riesgo de exposición o detección, y un atacante podría aprovechar estas credenciales para llevar a cabo acciones administrativas contra las APIs de PingID o los endpoints

*Credits: Ping Identity credits The Commonwealth Bank of Australia for the discovery of this vulnerability.

CVSS Scores

Attack Vector

Local

Attack Complexity

Low

Privileges Required

High

User Interaction

None

Scope

Changed

Confidentiality

High

Integrity

High

Availability

High

Attack Vector

Local

Attack Complexity

High

Privileges Required

High

User Interaction

None

Scope

Changed

Confidentiality

High

Integrity

High

Availability

High

Attack Vector

Local

Attack Complexity

Medium

Authentication

None

Confidentiality

Partial

Integrity

Partial

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2022-01-19 CVE Reserved
2022-06-30 CVE Published
2024-01-21 EPSS Updated
2024-08-03 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-269: Improper Privilege Management
CWE-288: Authentication Bypass Using an Alternate Path or Channel
CWE-648: Incorrect Use of Privileged APIs

CAPEC

References (2)

URL	Tag	Source

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
https://docs.pingidentity.com/bundle/pingid/page/zhy1653552428545.html	2022-07-13
https://www.pingidentity.com/en/resources/downloads/pingid.html	2022-07-13

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Pingidentity Search vendor "Pingidentity"		Pingid Integration For Windows Login Search vendor "Pingidentity" for product "Pingid Integration For Windows Login"				< 2.8 Search vendor "Pingidentity" for product "Pingid Integration For Windows Login" and version " < 2.8"		-		Affected