Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2021-29041

Denial-of-service (DoS) vulnerability in the Multi-Factor Authentication module in Liferay DXP 7.3 before fix pack 1 allows remote authenticated attackers to prevent any user from authenticating by (1) enabling Time-based One-time password (TOTP) on behalf of the other user or (2) modifying the other user's TOTP shared secret.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 65.7%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 4.0
Products affected by CVE-2021-29041
  • Liferay » Dxp » Version: N/A
    cpe:2.3:a:liferay:dxp:-
  • Liferay » Dxp » Version: 7.0
    cpe:2.3:a:liferay:dxp:7.0
  • Liferay » Dxp » Version: 7.1
    cpe:2.3:a:liferay:dxp:7.1
  • Liferay » Dxp » Version: 7.2
    cpe:2.3:a:liferay:dxp:7.2
  • Liferay » Dxp » Version: 7.3
    cpe:2.3:a:liferay:dxp:7.3


Products
Pricing
Contact Us

Shodan ® - All rights reserved