CVE-2022-40722 - OpenCVE

A misconfiguration of RSA padding implemented in the PingID Adapter for PingFederate to support Offline MFA with PingID mobile authenticators is vulnerable to pre-computed dictionary attacks, leading to a bypass of offline MFA.

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required High

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Pingidentity	Pingfederate Pingid Adapter For Pingfederate Pingid Integration Kit

Configuration 1 [-]

OR	cpe:2.3:a:pingidentity:pingfederate::::::::
	cpe:2.3:a:pingidentity:pingfederate::::::::
	cpe:2.3:a:pingidentity:pingid_adapter_for_pingfederate::::::::
	cpe:2.3:a:pingidentity:pingid_integration_kit::::::::

No data.

References

Link	Providers
https://docs.pingidentity.com/r/en-us/pingid/pingid_adapter_configuring_offline_mfa
https://docs.pingidentity.com/r/en-us/pingid/pingid_integration_kit_2_20_rn

History

No history.

MITRE

Status: PUBLISHED

Assigner: Ping Identity

Published: 2023-04-25T00:00:00

Updated: 2024-08-03T12:21:46.770Z

Reserved: 2022-09-14T00:00:00

Link: CVE-2022-40722

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2023-04-25T19:15:10.240

Modified: 2023-05-04T19:46:42.447

Link: CVE-2022-40722

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2022-40722", "assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e", "assignerShortName": "Ping Identity", "dateUpdated": "2024-08-03T12:21:46.770Z", "dateReserved": "2022-09-14T00:00:00", "datePublished": "2023-04-25T00:00:00"}, "containers": {"cna": {"title": "Misconfiguration of RSA padding for offline MFA in the PingID Adapter for PingFederate.", "providerMetadata": {"orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e", "shortName": "Ping Identity", "dateUpdated": "2023-04-25T00:00:00"}, "descriptions": [{"lang": "en", "value": "A misconfiguration of RSA padding implemented in the PingID Adapter for PingFederate to support Offline MFA with PingID mobile authenticators is vulnerable to pre-computed dictionary attacks, leading to a bypass of offline MFA."}], "affected": [{"vendor": "Ping Identity", "product": "PingID Adapter for PingFederate", "versions": [{"version": "2.13.2", "status": "affected", "lessThan": "2.13.2", "versionType": "custom"}]}, {"vendor": "Ping Identity", "product": "PingID Integration Kit (includes PingID Adapter)", "versions": [{"version": "2.24", "status": "affected", "lessThan": "2.24", "versionType": "custom"}]}, {"vendor": "Ping Identity", "product": "PingFederate (includes PingID Adapter)", "versions": [{"version": "11.1.0", "status": "affected", "lessThan": "11.1.0*", "versionType": "custom"}, {"version": "11.1.5", "status": "affected", "lessThanOrEqual": "11.1.5", "versionType": "custom"}, {"version": "11.2.0", "status": "affected", "lessThan": "11.2.0*", "versionType": "custom"}, {"version": "11.2.2", "status": "affected", "lessThanOrEqual": "11.2.2", "versionType": "custom"}]}], "references": [{"url": "https://docs.pingidentity.com/r/en-us/pingid/pingid_integration_kit_2_20_rn"}, {"url": "https://docs.pingidentity.com/r/en-us/pingid/pingid_adapter_configuring_offline_mfa"}], "credits": [{"lang": "en", "value": "Ping Identity credits The Commonwealth Bank of Australia for the discovery of this vulnerability."}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "NONE", "baseScore": 7.7, "baseSeverity": "HIGH"}}], "problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-780 Use of RSA Algorithm without OAEP", "cweId": "CWE-780"}]}], "source": {"advisory": "SECADV035", "defect": ["PIM-2677"], "discovery": "INTERNAL"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T12:21:46.770Z"}, "title": "CVE Program Container", "references": [{"url": "https://docs.pingidentity.com/r/en-us/pingid/pingid_integration_kit_2_20_rn", "tags": ["x_transferred"]}, {"url": "https://docs.pingidentity.com/r/en-us/pingid/pingid_adapter_configuring_offline_mfa", "tags": ["x_transferred"]}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:pingidentity:pingfederate:*:*:*:*:*:*:*:*", "matchCriteriaId": "4F085AB7-29E3-4CC6-88C6-49EF87B1E7E9", "versionEndIncluding": "11.1.5", "versionStartIncluding": "11.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:pingidentity:pingfederate:*:*:*:*:*:*:*:*", "matchCriteriaId": "2F76BB82-2AE0-4330-84E7-BBFFABF030C0", "versionEndIncluding": "11.2.2", "versionStartIncluding": "11.2.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:pingidentity:pingid_adapter_for_pingfederate:*:*:*:*:*:*:*:*", "matchCriteriaId": "9285EE82-E2F6-4C82-8F0E-2149B8652E71", "versionEndExcluding": "2.13.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:pingidentity:pingid_integration_kit:*:*:*:*:*:*:*:*", "matchCriteriaId": "A0D3BE72-98EE-4FE4-BF80-CDD66F495AC1", "versionEndExcluding": "2.24", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A misconfiguration of RSA padding implemented in the PingID Adapter for PingFederate to support Offline MFA with PingID mobile authenticators is vulnerable to pre-computed dictionary attacks, leading to a bypass of offline MFA."}], "id": "CVE-2022-40722", "lastModified": "2023-05-04T19:46:42.447", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 1.3, "impactScore": 4.0, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.7, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 1.3, "impactScore": 5.8, "source": "responsible-disclosure@pingidentity.com", "type": "Secondary"}]}, "published": "2023-04-25T19:15:10.240", "references": [{"source": "responsible-disclosure@pingidentity.com", "tags": ["Product"], "url": "https://docs.pingidentity.com/r/en-us/pingid/pingid_adapter_configuring_offline_mfa"}, {"source": "responsible-disclosure@pingidentity.com", "tags": ["Release Notes"], "url": "https://docs.pingidentity.com/r/en-us/pingid/pingid_integration_kit_2_20_rn"}], "sourceIdentifier": "responsible-disclosure@pingidentity.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-327"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-780"}], "source": "responsible-disclosure@pingidentity.com", "type": "Secondary"}]}