Vulnerability Details CVE-2022-23725
PingID Windows Login prior to 2.8 does not properly set permissions on the Windows Registry entries used to store sensitive API keys under some circumstances.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 7.4%
CVSS Severity
CVSS v3 Score 7.7
CVSS v2 Score 2.1
References
Products affected by CVE-2022-23725
-
cpe:2.3:a:pingidentity:pingid_integration_for_windows_login:-
-
cpe:2.3:a:pingidentity:pingid_integration_for_windows_login:1.0
-
cpe:2.3:a:pingidentity:pingid_integration_for_windows_login:1.2
-
cpe:2.3:a:pingidentity:pingid_integration_for_windows_login:1.3
-
cpe:2.3:a:pingidentity:pingid_integration_for_windows_login:2.0
-
cpe:2.3:a:pingidentity:pingid_integration_for_windows_login:2.1
-
cpe:2.3:a:pingidentity:pingid_integration_for_windows_login:2.2
-
cpe:2.3:a:pingidentity:pingid_integration_for_windows_login:2.3
-
cpe:2.3:a:pingidentity:pingid_integration_for_windows_login:2.3.1
-
cpe:2.3:a:pingidentity:pingid_integration_for_windows_login:2.4.2
-
cpe:2.3:a:pingidentity:pingid_integration_for_windows_login:2.7