Improper Permissions on PingID Windows Login Registry Entries

Improper Permissions on PingID Windows Login Registry Entries

CVE-2022-23725 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

PingID Windows Login prior to 2.8 does not properly set permissions on the Windows Registry entries used to store sensitive API keys under some circumstances.

Learn more about our Api Penetration Testing.