Discussion

58
Views
Close popover
Brendan Horan (BrendanHoran_GCS)
MOD
Technical Director, Global Client Support
Pegasystems Inc.
US
BrendanHoran_GCS Member since 2011 81 posts
MOD
Posted: March 25, 2020
Last activity: March 25, 2020
Closed

Critical HFIX-42664 (Pega Platform 7.3.1)

Pega has identified the HFIX-42664 as critical for ensuring a productive and secure development experience on our Pega Platform 7.3.1 release. If you are developing applications on this release version, we strongly encourage you to verify the this hot fix is installed in your environments and, if not, that you submit a hot fix request in My Support Portal to receive the necessary download files for installation.

Description

Updating an OperatorID record can be bypassed during authentication by setting the extAssignFlag property with any non-blank value. This flag is ignored during Authentication.unauthenticate() method. However, it still respected and the update is skipped during initializeUser() method. The save that occurs during unauthenticate() should fall under the same conditions. This is a performance issue that introduces contention for services which utilize a single OperatorID because threads compete for updates to the common row.

Pega Platform 7.3.1 System Administration Installation and Deployment Security
Moderation Team has archived post,
Close popover This thread is closed to future replies. Content and links will no longer be updated. If you have the same/similar Discussion, please write a new Discussion.