HTTP request desynchronization in Ping Identity PingAccess, all versions prior to 8.0.1 affected allows an attacker to send specially crafted http header requests to create a request smuggling condition for proxied requests.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: Ping Identity

Published: 2024-05-31T19:08:35.381Z

Updated: 2024-08-01T22:59:32.210Z

Reserved: 2024-01-17T17:27:24.608Z

Link: CVE-2024-23316

cve-icon Vulnrichment

Updated: 2024-08-01T22:59:32.210Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-05-31T19:15:08.723

Modified: 2024-11-21T08:57:29.393

Link: CVE-2024-23316

cve-icon Redhat

No data.