Discussion

24
Views
X

Critical HFIX-42664 (Pega Platform 7.3.1)

Pega has identified the HFIX-42664 as critical for ensuring a productive and secure development experience on our Pega Platform 7.3.1 release. If you are developing applications on this release version, we strongly encourage you to verify the this hot fix is installed in your environments and, if not, that you submit a hot fix request in My Support Portal to receive the necessary download files for installation.

Description

Updating an OperatorID record can be bypassed during authentication by setting the extAssignFlag property with any non-blank value. This flag is ignored during Authentication.unauthenticate() method. However, it still respected and the update is skipped during initializeUser() method. The save that occurs during unauthenticate() should fall under the same conditions. This is a performance issue that introduces contention for services which utilize a single OperatorID because threads compete for updates to the common row.

Pega Platform 7.3.1 Low-Code App Development Installation and Deployment Security System Administration