Vendor scorecard
Ping Identity
Ping Identity security disclosure record — CVE volume, CVSS severity mix and product-category breakdown, sourced from the NIST NVD.
CPE: pingidentity
Product families
1
Open in latest
9
Inferred — see methodology
Last disclosure
Jul 9, 2024
01
Product categories
1 trackedCVE volume, severity mix and the inferred latest shipping version per category.
| Category | CVEs | Volume | Severity mix | Open | Inferred latest |
|---|---|---|---|---|---|
| PingFederate / PingAccessIdentity & Access Managementpingfederate, pingaccess, pingdirectory… | 2 | 9 | 1.19LOW |
02
Recent CVEs
2 shownMost recently published, newest first. Each ID links to its NVD record.
| CVE | Severity | CVSS | Summary | Published |
|---|---|---|---|---|
| CVE-2024-22477(opens NVD record) | Low | 1.8 | A cross-site scripting vulnerability exists in the admin console OIDC Policy Management Editor. The impact is contained to admin console users only. | Jul 9, 2024 |
| CVE-2024-22377(opens NVD record) | Medium | 5.3 | The deploy directory in PingFederate runtime nodes is reachable to unauthorized users. | Jul 9, 2024 |
2 CVEs · 1 product families