Security Advisory

CVE-2022-23722

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-05-02 22:05:13

Last updated 2024-08-03 03:51:46

Assigner Ping Identity

State PUBLISHED

Description

When a password reset mechanism is configured to use the Authentication API with an Authentication Policy, email One-Time Password, PingID or SMS authentication, an existing user can reset another existing user’s password.

← Browse all CVEs View on cve.org ↗