CVE-2021-41527

Summary

An error related to the 2-factor authorization (2FA) on the RISC Platform prior to the saas-2021-12-29 release can potentially be exploited to bypass the 2FA. The vulnerability requires that the 2FA setup hasn’t been completed.

Affected Software

VendorProductVersion RangeStatus
FlexeraRISC Platform0 < saas-2021-12-29affected

Weaknesses

  • Missing Critical Step in Authentication

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: partial

References