CVE-2021-41527 LOW

CVE-2021-41527: 2FA bypass on the RISC Platform

Vendor Flexera
Product RISC Platform
Published February 7, 2025
Last update March 13, 2025

CVSS base score

2.3/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

What the vulnerability does

01Description

An error related to the 2-factor authorization (2FA) on the RISC Platform prior to the saas-2021-12-29 release can potentially be exploited to bypass the 2FA. The vulnerability requires that the 2FA setup hasn’t been completed.

Key dates

02Disclosure timeline

February 7, 2025 CVE published
March 13, 2025 Record updated