Vulnerabilities > CVE-2021-42001 - Unspecified vulnerability in Pingidentity Pingid Desktop

047910
CVSS 9.9 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
network
low complexity
pingidentity
critical

Summary

PingID Desktop prior to 1.7.3 has a misconfiguration in the encryption libraries which can lead to sensitive data exposure. An attacker capable of exploiting this vulnerability may be able to successfully complete an MFA challenge via OTP.

Vulnerable Configurations

Part Description Count
Application
Pingidentity
2