CVE-2021-39270
HIGHPing Identity RSA SecurID Integration Kit < 3.2 - User Impersonation via Origin Validation Error
Title source: llmDescription
In Ping Identity RSA SecurID Integration Kit before 3.2, user impersonation can occur.
References (2)
Core 2
Core References
Various Sources x_refsource_misc
https://www.pingidentity.com/en/resources/downloads/pingfederate.html
Various Sources x_refsource_confirm
https://docs.pingidentity.com/bundle/integrations/page/yqq1563995045546.html
Scores
CVSS v3
7.5
EPSS
0.0041
EPSS Percentile
32.5%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Details
CWE
CWE-346
Status
published
Products (1)
pingidentity/rsa_securid_integration_kit
< 3.2
Published
Aug 18, 2021
Tracked Since
Feb 18, 2026