Primary

Context

Flexera RISC Platform Two-Factor Authentication Bypass Vulnerability

Vulnerability

A vulnerability allowing the bypass of two-factor authentication (2FA) has been identified in the Flexera RISC Platform, in versions prior to the saas-2021-12-29 release. This issue arises from an error related to 2FA, which can be exploited if the 2FA setup has not been completed.

Impact

Exploitation of this vulnerability allows users to bypass two-factor authentication, potentially leading to unauthorized access or actions that require 2FA verification.

Remediation

Users can upgrade to the RISC Platform saas-2021-12-29 release, which addresses this vulnerability. Flexera has also acknowledged the vulnerability and its responsible disclosure by Robert Gilbert.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

7.6

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

7.6

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Flexera RISC Platform Two-Factor Authentication Bypass Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating