CVE-2024-25566

Published: Oct 29, 2024

Modified: Oct 29, 2024

PUBLISHED

Description

An Open-Redirect vulnerability exists in PingAM where well-crafted requests may cause improper validation of redirect URLs. This could allow an attacker to redirect end-users to malicious sites under their control, simplifying phishing attacks

Vendor	Product	Versions
Ping Identity	PingAM	affected `7.5.0` affected `7.4.0 - <= 7.4.1` affected `7.3.0 - <= 7.3.1` affected `7.2.0 - <= 7.2.2` affected `7.1.0 - <= 7.1.4` +1 more versions

Weaknesses (CWE)

CWE-601

References

https://backstage.forgerock.com/downloads/browse/am/featured

https://backstage.forgerock.com/knowledge/advisories/article/a63463303

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2024-25566

Description

Affected Products

Weaknesses (CWE)

References