ГлавнаяУязвимости → CVE-2023-36496
7.7высокая

CVE-2023-36496

Описание

Delegated Admin Privilege virtual attribute provider plugin, when enabled, allows an authenticated user to elevate their permissions in the Directory Server.

Затрагиваемое ПО
Pingidentity Pingdirectory
CVSS
Балл7.7 — высокая
ВекторCVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L
Источники
https://docs.pingidentity.com/r/en-us/pingdirectory-93/ynf1693338390284https://support.pingidentity.com/s/article/SECADV039https://www.pingidentity.com/en/resources/downloads/pingdirectory-downloads.htmlhttps://docs.pingidentity.com/r/en-us/pingdirectory-93/ynf1693338390284https://support.pingidentity.com/s/article/SECADV039https://www.pingidentity.com/en/resources/downloads/pingdirectory-downloads.html