CVE-2023-39930 - OpenCVE

A first-factor authentication bypass vulnerability exists in the PingFederate with PingID Radius PCV when a MSCHAP authentication request is sent via a maliciously crafted RADIUS client request.

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact total

Vendors	Products
Pingidentity	Pingid Radius Pcv

Configuration 1 [-]

cpe:2.3:a:pingidentity:pingid_radius_pcv:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://docs.pingidentity.com/r/en-us/pingid/pingid_integration_kit_2_26_rn
https://www.pingidentity.com/en/resources/downloads/pingfederate.html

History

Wed, 18 Sep 2024 08:30:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: Ping Identity

Published: 2023-10-24T20:54:08.795Z

Updated: 2024-09-17T14:16:56.734Z

Reserved: 2023-08-25T16:59:38.668Z

Link: CVE-2023-39930

Vulnrichment

Updated: 2024-08-02T18:18:10.146Z

NVD

Status : Analyzed

Published: 2023-10-25T18:17:29.823

Modified: 2023-10-31T18:10:51.270

Link: CVE-2023-39930

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-39930", "assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e", "state": "PUBLISHED", "assignerShortName": "Ping Identity", "dateReserved": "2023-08-25T16:59:38.668Z", "datePublished": "2023-10-24T20:54:08.795Z", "dateUpdated": "2024-09-17T14:16:56.734Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "PingID Radius PCV", "vendor": "Ping Identity", "versions": [{"lessThan": "3.0.3", "status": "affected", "version": "3.0", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">A first-factor authentication bypass vulnerability exists in the PingFederate with PingID Radius PCV when a MSCHAP authentication request is sent via a maliciously crafted RADIUS client request.</span>"}], "value": "A first-factor authentication bypass vulnerability exists in the PingFederate with PingID Radius PCV when a MSCHAP authentication request is sent via a maliciously crafted RADIUS client request."}], "impacts": [{"capecId": "CAPEC-115", "descriptions": [{"lang": "en", "value": "CAPEC-115 Authentication Bypass"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-288", "description": "CWE-288 Authentication Bypass Using an Alternate Path or Channel", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e", "shortName": "Ping Identity", "dateUpdated": "2023-10-24T20:54:08.795Z"}, "references": [{"url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html"}, {"url": "https://docs.pingidentity.com/r/en-us/pingid/pingid_integration_kit_2_26_rn"}], "source": {"defect": ["PID-9546"], "discovery": "EXTERNAL"}, "title": "PingFederate PingID Radius PCV Authentication Bypass", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T18:18:10.146Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html", "tags": ["x_transferred"]}, {"url": "https://docs.pingidentity.com/r/en-us/pingid/pingid_integration_kit_2_26_rn", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-09-11T14:08:27.022649Z", "id": "CVE-2023-39930", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-17T14:16:56.734Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html", "tags": ["x_transferred"]}, {"url": "https://docs.pingidentity.com/r/en-us/pingid/pingid_integration_kit_2_26_rn", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T18:18:10.146Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-39930", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-09-11T14:08:27.022649Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-17T14:16:52.200Z"}}], "cna": {"title": "PingFederate PingID Radius PCV Authentication Bypass", "source": {"defect": ["PID-9546"], "discovery": "EXTERNAL"}, "impacts": [{"capecId": "CAPEC-115", "descriptions": [{"lang": "en", "value": "CAPEC-115 Authentication Bypass"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Ping Identity", "product": "PingID Radius PCV", "versions": [{"status": "affected", "version": "3.0", "lessThan": "3.0.3", "versionType": "custom"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html"}, {"url": "https://docs.pingidentity.com/r/en-us/pingid/pingid_integration_kit_2_26_rn"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "A first-factor authentication bypass vulnerability exists in the PingFederate with PingID Radius PCV when a MSCHAP authentication request is sent via a maliciously crafted RADIUS client request.", "supportingMedia": [{"type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">A first-factor authentication bypass vulnerability exists in the PingFederate with PingID Radius PCV when a MSCHAP authentication request is sent via a maliciously crafted RADIUS client request.</span>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-288", "description": "CWE-288 Authentication Bypass Using an Alternate Path or Channel"}]}], "providerMetadata": {"orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e", "shortName": "Ping Identity", "dateUpdated": "2023-10-24T20:54:08.795Z"}}}, "cveMetadata": {"cveId": "CVE-2023-39930", "state": "PUBLISHED", "dateUpdated": "2024-09-17T14:16:56.734Z", "dateReserved": "2023-08-25T16:59:38.668Z", "assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e", "datePublished": "2023-10-24T20:54:08.795Z", "assignerShortName": "Ping Identity"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:pingidentity:pingid_radius_pcv:*:*:*:*:*:*:*:*", "matchCriteriaId": "EACEE21D-643C-40CB-A904-5EC8F8E116EF", "versionEndExcluding": "3.0.3", "versionStartIncluding": "3.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A first-factor authentication bypass vulnerability exists in the PingFederate with PingID Radius PCV when a MSCHAP authentication request is sent via a maliciously crafted RADIUS client request."}, {"lang": "es", "value": "Existe una vulnerabilidad de omisi\u00f3n de autenticaci\u00f3n de primer factor en PingFederate con PingID Radius PCV cuando se env\u00eda una solicitud de autenticaci\u00f3n MSCHAP a trav\u00e9s de una solicitud de cliente RADIUS manipulada con fines malintencionados."}], "id": "CVE-2023-39930", "lastModified": "2023-10-31T18:10:51.270", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.6, "impactScore": 5.9, "source": "responsible-disclosure@pingidentity.com", "type": "Secondary"}]}, "published": "2023-10-25T18:17:29.823", "references": [{"source": "responsible-disclosure@pingidentity.com", "tags": ["Release Notes"], "url": "https://docs.pingidentity.com/r/en-us/pingid/pingid_integration_kit_2_26_rn"}, {"source": "responsible-disclosure@pingidentity.com", "tags": ["Product"], "url": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html"}], "sourceIdentifier": "responsible-disclosure@pingidentity.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-306"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-288"}], "source": "responsible-disclosure@pingidentity.com", "type": "Secondary"}]}