CVE-2023-40702 - OpenCVE

PingOne MFA Integration Kit contains a vulnerability where the skipMFA action can be configured such that user authentication does not require the second factor authentication from the user's existing registered devices. A threat actor might be able to exploit this vulnerability to authenticate as a target user if they have existing knowledge of the target user’s first-factor credentials.

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Attack Requirements Present

User Interaction None

Vulnerable System Confidentiality Impact High

Vulnerable System Integrity Impact High

Vulnerable System Availability Impact High

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact total

Vendors	Products
Pingidentity	Pingone Mfa Integration Kit

No data.

No data.

References

Link	Providers
https://docs.pingidentity.com/r/en-us/pingfederate-pingone-mfa-ik/bks1657303194394

History

No history.

MITRE

Status: PUBLISHED

Assigner: Ping Identity

Published: 2024-07-09T15:38:47.415Z

Updated: 2024-08-02T18:38:51.083Z

Reserved: 2023-08-25T16:59:38.691Z

Link: CVE-2023-40702

Vulnrichment

Updated: 2024-07-12T20:21:27.340Z

NVD

Status : Awaiting Analysis

Published: 2024-07-09T16:15:03.220

Modified: 2024-07-09T18:18:38.713

Link: CVE-2023-40702

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-40702", "assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e", "state": "PUBLISHED", "assignerShortName": "Ping Identity", "dateReserved": "2023-08-25T16:59:38.691Z", "datePublished": "2024-07-09T15:38:47.415Z", "dateUpdated": "2024-08-02T18:38:51.083Z"}, "containers": {"cna": {"affected": [{"collectionURL": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html", "defaultStatus": "unaffected", "product": "PingOne MFA Integration Kit for PingFederate", "vendor": "Ping Identity", "versions": [{"lessThan": "2.3.1", "status": "affected", "version": "0", "versionType": "custom"}]}], "datePublic": "2024-07-09T14:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "PingOne MFA Integration Kit contains a vulnerability where the <tt>skipMFA</tt> action can be configured such that user authentication does not require the second factor authentication from the user's existing registered devices. A threat actor might be able to exploit this vulnerability to authenticate as a target user if they have existing knowledge of the target user\u2019s first-factor credentials."}], "value": "PingOne MFA Integration Kit contains a vulnerability where the skipMFA action can be configured such that user authentication does not require the second factor authentication from the user's existing registered devices. A threat actor might be able to exploit this vulnerability to authenticate as a target user if they have existing knowledge of the target user\u2019s first-factor credentials."}], "impacts": [{"capecId": "CAPEC-115", "descriptions": [{"lang": "en", "value": "CAPEC-115 Authentication Bypass"}]}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "attackVector": "NETWORK", "baseScore": 7.7, "baseSeverity": "HIGH", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-290", "description": "CWE-290 Authentication Bypass by Spoofing", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e", "shortName": "Ping Identity", "dateUpdated": "2024-07-09T15:38:47.415Z"}, "references": [{"url": "https://docs.pingidentity.com/r/en-us/pingfederate-pingone-mfa-ik/bks1657303194394"}], "source": {"discovery": "INTERNAL"}, "title": "PingOne MFA Integration Kit MFA bypass", "workarounds": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Disable the Allow Users to Skip MFA Setup in your PingOne MFA adapter configuration.<br>"}], "value": "Disable the Allow Users to Skip MFA Setup in your PingOne MFA adapter configuration."}], "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"affected": [{"vendor": "pingidentity", "product": "pingone_mfa_integration_kit", "cpes": ["cpe:2.3:a:pingidentity:pingone_mfa_integration_kit:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "2.3.1", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-07-12T20:20:11.087770Z", "id": "CVE-2023-40702", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-12T20:21:31.325Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T18:38:51.083Z"}, "title": "CVE Program Container", "references": [{"url": "https://docs.pingidentity.com/r/en-us/pingfederate-pingone-mfa-ik/bks1657303194394", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-40702", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-07-12T20:20:11.087770Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:pingidentity:pingone_mfa_integration_kit:*:*:*:*:*:*:*:*"], "vendor": "pingidentity", "product": "pingone_mfa_integration_kit", "versions": [{"status": "affected", "version": "0", "lessThan": "2.3.1", "versionType": "custom"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-12T20:21:27.340Z"}}], "cna": {"title": "PingOne MFA Integration Kit MFA bypass", "source": {"discovery": "INTERNAL"}, "impacts": [{"capecId": "CAPEC-115", "descriptions": [{"lang": "en", "value": "CAPEC-115 Authentication Bypass"}]}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 7.7, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "privilegesRequired": "LOW", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Ping Identity", "product": "PingOne MFA Integration Kit for PingFederate", "versions": [{"status": "affected", "version": "0", "lessThan": "2.3.1", "versionType": "custom"}], "collectionURL": "https://www.pingidentity.com/en/resources/downloads/pingfederate.html", "defaultStatus": "unaffected"}], "datePublic": "2024-07-09T14:00:00.000Z", "references": [{"url": "https://docs.pingidentity.com/r/en-us/pingfederate-pingone-mfa-ik/bks1657303194394"}], "workarounds": [{"lang": "en", "value": "Disable the Allow Users to Skip MFA Setup in your PingOne MFA adapter configuration.", "supportingMedia": [{"type": "text/html", "value": "Disable the Allow Users to Skip MFA Setup in your PingOne MFA adapter configuration.<br>", "base64": false}]}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "PingOne MFA Integration Kit contains a vulnerability where the skipMFA action can be configured such that user authentication does not require the second factor authentication from the user's existing registered devices. A threat actor might be able to exploit this vulnerability to authenticate as a target user if they have existing knowledge of the target user\u2019s first-factor credentials.", "supportingMedia": [{"type": "text/html", "value": "PingOne MFA Integration Kit contains a vulnerability where the <tt>skipMFA</tt> action can be configured such that user authentication does not require the second factor authentication from the user's existing registered devices. A threat actor might be able to exploit this vulnerability to authenticate as a target user if they have existing knowledge of the target user\u2019s first-factor credentials.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-290", "description": "CWE-290 Authentication Bypass by Spoofing"}]}], "providerMetadata": {"orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e", "shortName": "Ping Identity", "dateUpdated": "2024-07-09T15:38:47.415Z"}}}, "cveMetadata": {"cveId": "CVE-2023-40702", "state": "PUBLISHED", "dateUpdated": "2024-07-12T20:21:31.325Z", "dateReserved": "2023-08-25T16:59:38.691Z", "assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e", "datePublished": "2024-07-09T15:38:47.415Z", "assignerShortName": "Ping Identity"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "PingOne MFA Integration Kit contains a vulnerability where the skipMFA action can be configured such that user authentication does not require the second factor authentication from the user's existing registered devices. A threat actor might be able to exploit this vulnerability to authenticate as a target user if they have existing knowledge of the target user\u2019s first-factor credentials."}, {"lang": "es", "value": "El kit de integraci\u00f3n de PingOne MFA contiene una vulnerabilidad en la que la acci\u00f3n skipMFA se puede configurar de modo que la autenticaci\u00f3n del usuario no requiera la autenticaci\u00f3n de segundo factor de los dispositivos registrados existentes del usuario. Un actor de amenazas podr\u00eda aprovechar esta vulnerabilidad para autenticarse como usuario objetivo si tiene conocimiento de las credenciales de primer factor del usuario objetivo."}], "id": "CVE-2023-40702", "lastModified": "2024-07-09T18:18:38.713", "metrics": {"cvssMetricV40": [{"cvssData": {"attackComplexity": "LOW", "attackRequirements": "PRESENT", "attackVector": "NETWORK", "automatable": "NOT_DEFINED", "availabilityRequirements": "NOT_DEFINED", "baseScore": 7.7, "baseSeverity": "HIGH", "confidentialityRequirements": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirements": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubsequentSystemAvailability": "NOT_DEFINED", "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnerableSystemAvailability": "NOT_DEFINED", "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "recovery": "NOT_DEFINED", "safety": "NOT_DEFINED", "subsequentSystemAvailability": "NONE", "subsequentSystemConfidentiality": "NONE", "subsequentSystemIntegrity": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnerabilityResponseEffort": "NOT_DEFINED", "vulnerableSystemAvailability": "HIGH", "vulnerableSystemConfidentiality": "HIGH", "vulnerableSystemIntegrity": "HIGH"}, "source": "responsible-disclosure@pingidentity.com", "type": "Secondary"}]}, "published": "2024-07-09T16:15:03.220", "references": [{"source": "responsible-disclosure@pingidentity.com", "url": "https://docs.pingidentity.com/r/en-us/pingfederate-pingone-mfa-ik/bks1657303194394"}], "sourceIdentifier": "responsible-disclosure@pingidentity.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-290"}], "source": "responsible-disclosure@pingidentity.com", "type": "Secondary"}]}