← voltar
CVE-2023-36496

Delegated Admin Virtual Attribute Provider Privilege Escalation

CVSS 7.7 HIGHEPSS 0.5%CWE-269
Delegated Admin Privilege virtual attribute provider plugin, when enabled, allows an authenticated user to elevate their permissions in the Directory Server.
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L
Produtos afetados
Ping Identity · PingDirectory

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://docs.pingidentity.com/r/en-us/pingdirectory-93/ynf1693338390284https://support.pingidentity.com/s/article/SECADV039https://www.pingidentity.com/en/resources/downloads/pingdirectory-downloads.html