CVE-2022-23726 Information

Description

PingCentral versions prior to listed versions expose Spring Boot actuator endpoints that with administrative authentication return large amounts of sensitive environmental and application information.

Reference

https://www.pingidentity.com/en/resources/downloads/pingcentral.html https://docs.pingidentity.com/bundle/pingcentral-110/page/sdd1651696160285.html