CVE-2023-40148
EUVD-2023-4475510.04.2024, 00:15
Server-side request forgery (SSRF) in PingFederate allows unauthenticated http requests to attack network resources and consume server-side resources via forged HTTP POST requests.
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
| Vendor | Product | Version | Source |
|---|---|---|---|
| pingidentity | pingfederate | 11.0.0 ≤ 𝑥 ≤ 11.0.8 | ADP |
| pingidentity | pingfederate | 11.1.0 ≤ 𝑥 ≤ 11.1.8 | ADP |
| pingidentity | pingfederate | 11.2.0 ≤ 𝑥 ≤ 11.2.7 | ADP |
| pingidentity | pingfederate | 11.3.0 ≤ 𝑥 ≤ 11.3.2 | ADP |
References