When an AWS DynamoDB table is used for user attribute storage, it is possible to retrieve the attributes of another user using a maliciously crafted request
Affected Software
Name |
Vendor |
Start Version |
End Version |
Pingfederate |
Pingidentity |
* |
11.3.0 (including) |
References