Exposure of Sensitive Information in PingCentral Versions Prior to Listed Versions

Exposure of Sensitive Information in PingCentral Versions Prior to Listed Versions

CVE-2022-23726 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

PingCentral versions prior to listed versions expose Spring Boot actuator endpoints that with administrative authentication return large amounts of sensitive environmental and application information.

Learn more about our Web Application Penetration Testing UK.