CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-42001

PingID Desktop prior to 1.7.3 has a misconfiguration in the encryption libraries which can lead to sensitive data exposure. An attacker capable of exploiting this vulnerability may be able to successfully complete an MFA challenge via OTP.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 39.9%

CVSS Severity

CVSS v3 Score 8.0

CVSS v2 Score 4.0

References

https://docs.pingidentity.com/bundle/pingid/page/dyt1645545885978.html
https://www.pingidentity.com/en/resources/downloads/pingid.html
https://docs.pingidentity.com/bundle/pingid/page/dyt1645545885978.html
https://www.pingidentity.com/en/resources/downloads/pingid.html

Products affected by CVE-2021-42001

Pingidentity » Pingid Desktop » Version: Any

cpe:2.3:a:pingidentity:pingid_desktop:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-42001

Products

Pricing

Contact Us