Home

Description

An Open-Redirect vulnerability exists in PingAM where well-crafted requests may cause improper validation of redirect URLs. This could allow an attacker to redirect end-users to malicious sites under their control, simplifying phishing attacks

PUBLISHED Reserved 2024-02-29 | Published 2024-10-29 | Updated 2024-10-29 | Assigner Ping Identity




MEDIUM: 5.1CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

Problem types

CWE-601 URL Redirection to Untrusted Site ('Open Redirect')

Product status

Default status
affected

7.5.0
affected

7.4.0
affected

7.3.0
affected

7.2.0
affected

7.1.0
affected

Any version
affected

References

backstage.forgerock.com/downloads/browse/am/featured

backstage.forgerock.com/...edge/advisories/article/a63463303

cve.org (CVE-2024-25566)

nvd.nist.gov (CVE-2024-25566)

Download JSON