{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-11T00:23:13.553","vulnerabilities":[{"cve":{"id":"CVE-2021-42000","sourceIdentifier":"responsible-disclosure@pingidentity.com","published":"2022-02-10T23:15:07.883","lastModified":"2024-11-21T06:27:02.907","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"When a password reset or password change flow with an authentication policy is configured and the adapter in the reset or change policy supports multiple parallel reset flows, an existing user can reset another existing users password."},{"lang":"es","value":"Cuando es configurado un flujo de restablecimiento o cambio de contraseña con una política de autenticación y el adaptador de la política de restablecimiento o cambio admite varios flujos de restablecimiento paralelos, un usuario existente puede restablecer la contraseña de otro usuario existente"}],"metrics":{"cvssMetricV31":[{"source":"responsible-disclosure@pingidentity.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.6,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:N/I:P/A:N","baseScore":3.5,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":6.8,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"responsible-disclosure@pingidentity.com","type":"Secondary","description":[{"lang":"en","value":"CWE-285"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:pingidentity:pingfederate:*:*:*:*:*:*:*:*","versionEndIncluding":"9.3.0","matchCriteriaId":"CB058363-5A8D-4442-9147-B3798B920A28"},{"vulnerable":true,"criteria":"cpe:2.3:a:pingidentity:pingfederate:*:*:*:*:*:*:*:*","versionStartIncluding":"10.0.0","versionEndIncluding":"10.0.11","matchCriteriaId":"3021BD2B-BEBD-4FF9-A252-83DF7A4B1E12"},{"vulnerable":true,"criteria":"cpe:2.3:a:pingidentity:pingfederate:*:*:*:*:*:*:*:*","versionStartIncluding":"10.1.0","versionEndIncluding":"10.1.8","matchCriteriaId":"226726D8-E657-4C17-8C2D-BA811CCC99A9"},{"vulnerable":true,"criteria":"cpe:2.3:a:pingidentity:pingfederate:*:*:*:*:*:*:*:*","versionStartIncluding":"10.2.0","versionEndIncluding":"10.2.6","matchCriteriaId":"6A910AEE-6D4B-450E-9D35-F6D024536AB7"},{"vulnerable":true,"criteria":"cpe:2.3:a:pingidentity:pingfederate:*:*:*:*:*:*:*:*","versionStartIncluding":"10.3.0","versionEndIncluding":"10.3.2","matchCriteriaId":"56B3CEA4-A6ED-414A-A73A-D8BA6FF544C7"},{"vulnerable":true,"criteria":"cpe:2.3:a:pingidentity:pingfederate:9.3.3:-:*:*:*:*:*:*","matchCriteriaId":"92FA1B8B-3476-4CC5-86F3-25E2ECB65B49"},{"vulnerable":true,"criteria":"cpe:2.3:a:pingidentity:pingfederate:9.3.3:p15:*:*:*:*:*:*","matchCriteriaId":"742ABDC8-3F6F-4D21-9FFE-BDF5F098FD60"}]}]}],"references":[{"url":"https://docs.pingidentity.com/bundle/pingfederate-103/page/hhm1634833631515.html","source":"responsible-disclosure@pingidentity.com","tags":["Release Notes","Vendor Advisory"]},{"url":"https://www.pingidentity.com/en/resources/downloads/pingfederate.html","source":"responsible-disclosure@pingidentity.com","tags":["Vendor Advisory"]},{"url":"https://docs.pingidentity.com/bundle/pingfederate-103/page/hhm1634833631515.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes","Vendor Advisory"]},{"url":"https://www.pingidentity.com/en/resources/downloads/pingfederate.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}