← volver
CVE-2023-36496

Delegated Admin Virtual Attribute Provider Privilege Escalation

CVSS 7.7 HIGHEPSS 0.5%CWE-269
Delegated Admin Privilege virtual attribute provider plugin, when enabled, allows an authenticated user to elevate their permissions in the Directory Server.
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L
Productos afectados
Ping Identity · PingDirectory

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://docs.pingidentity.com/r/en-us/pingdirectory-93/ynf1693338390284https://support.pingidentity.com/s/article/SECADV039https://www.pingidentity.com/en/resources/downloads/pingdirectory-downloads.html