CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-10654

Ping Identity PingID SSH before 4.0.14 contains a heap buffer overflow in PingID-enrolled servers. This condition can be potentially exploited into a Remote Code Execution vector on the authenticating endpoint.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.075

EPSS Ranking 91.3%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

https://docs.pingidentity.com/bundle/pingid/page/hmc1587998527490.html
https://docs.pingidentity.com/bundle/pingid/page/okt1564020467088.html
https://www.pingidentity.com/
https://www.pingidentity.com/en/cloud/pingid.html
https://docs.pingidentity.com/bundle/pingid/page/hmc1587998527490.html
https://docs.pingidentity.com/bundle/pingid/page/okt1564020467088.html
https://www.pingidentity.com/
https://www.pingidentity.com/en/cloud/pingid.html

Products affected by CVE-2020-10654

Pingidentity » Pingid Ssh Integration » Version: Any

cpe:2.3:a:pingidentity:pingid_ssh_integration:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-10654

Products

Pricing

Contact Us