Configuration-based MFA Bypass in PingID RADIUS PCV.
CVE-2022-40723
6.5MEDIUM
What is CVE-2022-40723?
The PingID RADIUS PCV adapter for PingFederate, which supports RADIUS authentication with PingID MFA, is vulnerable to MFA bypass under certain configurations.
Affected Version(s)
PingFederate (includes Radius PCV) 11.1.0 < 11.1.0*
PingFederate (includes Radius PCV) 11.1.5
PingFederate (includes Radius PCV) 11.2.0 < 11.2.0*