CVE-2021-41770

CVE-2021-41770

EPSS 1.0%

Ping Identity PingFederate before 10.3.1 mishandles pre-parsing validation, leading to an XXE attack that can achieve XML file disclosure.

Produtos afetados

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://docs.pingidentity.com/bundle/pingfederate-103/page/ruz1628492711606.html https://www.pingidentity.com/en/resources/downloads/pingfederate.html