### [CVE-2021-41527](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41527)
![](https://img.shields.io/static/v1?label=Product&message=RISC%20Platform&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Missing%20Critical%20Step%20in%20Authentication&color=brightgreen)

### Description

An error related to the 2-factor authorization (2FA) on the RISC Platform prior to the saas-2021-12-29 release can potentially be exploited to bypass the 2FA. The vulnerability requires that the 2FA setup hasn’t been completed.

### POC

#### Reference
- https://medium.com/@amroot/cve-2021-41527-flexera-multi-factor-authentication-mfa-bypass-cb9effc3af98

#### Github
No PoCs found on GitHub currently.