We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2024-25566

Open Redirect in PingAM



Description

An Open-Redirect vulnerability exists in PingAM where well-crafted requests may cause improper validation of redirect URLs. This could allow an attacker to redirect end-users to malicious sites under their control, simplifying phishing attacks

Reserved 2024-02-29 | Published 2024-10-29 | Updated 2024-10-29 | Assigner Ping Identity


MEDIUM: 5.1CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

Problem types

CWE-601 URL Redirection to Untrusted Site ('Open Redirect')

Product status

Default status
affected

7.5.0
affected

7.4.0
affected

7.3.0
affected

7.2.0
affected

7.1.0
affected

Any version
affected

References

backstage.forgerock.com/downloads/browse/am/featured

backstage.forgerock.com/...edge/advisories/article/a63463303

cve.org (CVE-2024-25566)

nvd.nist.gov (CVE-2024-25566)

Download JSON

Share this page
https://cve.threatint.eu/CVE/CVE-2024-25566

Support options

Helpdesk Chat, Email, Knowledgebase