CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2021-42001

HIGH
8.0
CVSS Severity Score
EPSS Score0.0160%
EPSS Percentile30.37th
Published2022年4月30日
Last Modified2024年11月21日

Vulnerability Description

PingID Desktop prior to 1.7.3 has a misconfiguration in the encryption libraries which can lead to sensitive data exposure. An attacker capable of exploiting this vulnerability may be able to successfully complete an MFA challenge via OTP.

Affected Platforms (CPE)

📦
Pingidentity

Pingid Desktop

< 1.7.3
📦
Pingidentity

Pingid Desktop

< 1.7.3

References & Advisories

🔗 https://docs.pingidentity.com/bundle/pingid/page/dyt1645545885978.html
🔗 https://www.pingidentity.com/en/resources/downloads/pingid.html
🔗 https://docs.pingidentity.com/bundle/pingid/page/dyt1645545885978.html
🔗 https://www.pingidentity.com/en/resources/downloads/pingid.html

相關漏洞威脅

CVE-2021-3467910.0

Thycotic Password Reset Server before 5.3.0 allows credential disclosure.

CVE-2021-021110.0

An improper check for unusual or exceptional conditions in Juniper Networks Junos OS and Junos OS Evolved Routing Protocol Daemon ...

CVE-2021-4155610.0

sqclass.cpp in Squirrel through 2.2.5 and 3.x through 3.1 allows an out-of-bounds read (in the core interpreter) that can lead to ...

CVE-2021-2124310.0

OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, a Kubernetes REST endpoint exposes two methods that deser...