CVE-2024-21832

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-21832
A potential JSON injection attack vector exists in PingFederate REST API data stores using the POST method and a JSON request body.

3.5 /10

CVSS v3 : LOW

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact LOW

Availability Impact NONE

Scope CHANGED

References
Link Resource
https://docs.pingidentity.com/r/en-us/pingfederate-120/lwu1707324350083
Configurations

No configuration.

History

No history.

Information

Published : 2024-07-09 23:15

Updated : 2024-07-11 13:05

NVD link : CVE-2024-21832

Mitre link : CVE-2024-21832

CVE.ORG link : CVE-2024-21832

JSON object : View

Products Affected

No product.

CWE
CWE-94

Improper Control of Generation of Code ('Code Injection')