PingAM Java Agent Vulnerability Allows Attackers to Bypass Security
Posted: Fri Feb 28, 2025 3:38 pm
A critical security flaw (CVE-2025-20059) has been identified in supported versions of Ping Identity’s PingAM Java Agent, potentially enabling attackers to bypass policy enforcement and access protected resources.
The vulnerability—classified as a Relative Path Traversal (CWE-23) weakness—affects all PingAM Java Agent deployments integrated with PingOne Advanced Identity Cloud, prompting urgent calls for remediation.
https://gbhackers.com/pingam-java-agent-vulnerability/
The vulnerability—classified as a Relative Path Traversal (CWE-23) weakness—affects all PingAM Java Agent deployments integrated with PingOne Advanced Identity Cloud, prompting urgent calls for remediation.
https://gbhackers.com/pingam-java-agent-vulnerability/