PingDirectory copying of virtual attributes leads to memory exhaustion

6.3 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:L/SC:H/SI:H/SA:H/S:P/AU:Y/R:U/RE:M/U:Amber

Description

Virtual attribute handling in Ping Identity PingDirectory in affected versions allows only authorized users to exhaust java memory heap when recent login history is enabled and copying virtual attributes that reference ds-privilege-name values.

Basic Information

ID CVE-2026-20746

Source Ping Identity

Published Jun 12, 2026 at 02:16

Affected Product

Vendor Ping Identity

Product PingDirectory

Version 9.3.0.0

Affected Versions Ping Identity PingDirectory 9.3.0.0
Ping Identity PingDirectory 10.2.0.0
Ping Identity PingDirectory 10.3.0.0
Ping Identity PingDirectory 11.0.0.0

CWE Classification

CWE-401

References

{
    "lastseen": "",
    "description": "Virtual attribute handling in Ping Identity PingDirectory in affected versions allows only authorized users to exhaust java memory heap when\u00a0recent login history is enabled and copying virtual attributes that reference ds-privilege-name values.",
    "published": "2026-06-12T02:16:59.690Z",
    "modified": "2026-06-12T02:16:59.690Z",
    "type": "cve",
    "title": "PingDirectory copying of virtual attributes leads to memory exhaustion",
    "source": "Ping Identity",
    "references": "https://docs.pingidentity.com/pingdirectory/11.0/release_notes/pd_release_notes.html#pingdirectory-suite-of-products-11-0-0-1-march-2026\nhttps://www.pingidentity.com/en/resources/downloads/pingdirectory-downloads.html\nhttps://support.pingidentity.com/s/article/SECADV052-Denial-of-Service-via-copying-virtual-attributes",
    "id": "CVE-2026-20746",
    "bulletinFamily": "",
    "cwe": [
        "CWE-401"
    ],
    "cvelist": null,
    "sourceData": "Ping Identity PingDirectory 9.3.0.0\nPing Identity PingDirectory 10.2.0.0\nPing Identity PingDirectory 10.3.0.0\nPing Identity PingDirectory 11.0.0.0",
    "sourceHref": "",
    "cvss": {
        "score": 6.3,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:L/SC:H/SI:H/SA:H/S:P/AU:Y/R:U/RE:M/U:Amber",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "PingDirectory",
    "version": "9.3.0.0",
    "vendor": "Ping Identity",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

PingDirectory copying of virtual attributes leads to memory exhaustion_CVE-2026-20746