CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2021-42001

HIGH
8.0
CVSS Severity Score
EPSS Score0.0160%
EPSS Percentile30.37th
Published2022年4月30日
Last Modified2024年11月21日

Vulnerability Description

PingID Desktop prior to 1.7.3 has a misconfiguration in the encryption libraries which can lead to sensitive data exposure. An attacker capable of exploiting this vulnerability may be able to successfully complete an MFA challenge via OTP.

Affected Platforms (CPE)

📦
Pingidentity

Pingid Desktop

< 1.7.3
📦
Pingidentity

Pingid Desktop

< 1.7.3

References & Advisories

🔗 https://docs.pingidentity.com/bundle/pingid/page/dyt1645545885978.html
🔗 https://www.pingidentity.com/en/resources/downloads/pingid.html
🔗 https://docs.pingidentity.com/bundle/pingid/page/dyt1645545885978.html
🔗 https://www.pingidentity.com/en/resources/downloads/pingid.html

相關漏洞威脅

CVE-2021-2124310.0

OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, a Kubernetes REST endpoint exposes two methods that deser...

CVE-2021-021110.0

An improper check for unusual or exceptional conditions in Juniper Networks Junos OS and Junos OS Evolved Routing Protocol Daemon ...

CVE-2021-3467910.0

Thycotic Password Reset Server before 5.3.0 allows credential disclosure.

CVE-2021-2124410.0

OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, There is a vulnerability that enabled pre-auth server sid...