CVE-2025-21085 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	UNKNOWN				---
Ping Identity	CNA	---				---
CISA-ADP	ADP	---				---

Awaiting analysis

This vulnerability is currently awaiting analysis.

Base Score

CVSS 3.x

EPSS Score

Percentile: Unknown

Common Weakness Enumeration

CWE-462 - Duplicate Key in Associative List (Alist)
Duplicate keys in associative lists can lead to non-unique keys being mistaken for an error.

References

https://support.pingidentity.com/s/article/PingFederate-grant-attribute-duplication-with-PostgreSQL

https://www.pingidentity.com/en/resources/downloads/pingfederate.html