PingID Desktop prior to the latest released version 1.7.4 contains a vulnerability that can be exploited to bypass the maximum PIN attempts permitted before the time-based lockout is activated.
A product requires authentication, but the product has an alternate path or channel that does not require authentication.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Desktop | Pingidentity | * | 1.7.4 (excluding) |