cvedb.io
CVE-2021-42001
HIGH · CVSS 8
EPSS exploitation probability: 0%
Published 2022-04-30T22:15:08.257 · Last modified 2026-06-17T04:09:08.207

Summary

PingID Desktop prior to 1.7.3 has a misconfiguration in the encryption libraries which can lead to sensitive data exposure. An attacker capable of exploiting this vulnerability may be able to successfully complete an MFA challenge via OTP.

Affected products

pingidentity — pingid_desktop

Does this affect you?

Add your gear to cvedb and we'll alert you only when pingidentity ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.