Discussion

7330
Views
Brendan Horan (BrendanHoran_GCS)
MOD
Technical Director, Global Client Support
Pegasystems Inc.
US
BrendanHoran_GCS Member since 2011 81 posts
MOD
Posted: February 5, 2021
Last activity: April 27, 2021
Posted: 5 Feb 2021 11:49 EST
Last activity: 27 Apr 2021 13:21 EDT
Closed

Pega Security Advisory - A21 - Hotfix Matrix

Pega continually works to implement security controls designed to protect client environments. With this focus, Pega has identified a critical security vulnerability in versions 8.2.1 – 8.5.2 of Pega Infinity. Pega has created the A21 Hotfix for each relevant version to remediate this issue. 

If you are an on–premise client, please review the table below to determine which hotfix corresponds to your Pegasystems installation. Once you have determined the appropriate hotfix ID, please submit a hotfix request using My Support Portal.  Pega Cloud® environments running the relevant Pega versions are being proactively remediated by Pega. 

As always, we recommend our customers review our Security Checklist regularly.

CVE Details:

Software/Product: Pega Infinity

Version: 8.2.1-8.5.2

CVE ID: CVE-2021- 27651

Description: Password reset functionality for local accounts can be used to bypass local authentication checks.

8.2.1

HFIX-69674

8.2.2

HFIX-69653

8.2.3

HFIX-69675

8.2.4

HFIX-69676

8.2.5

HFIX-69677

8.2.6

HFIX-69678

8.2.7

HFIX-69679

8.2.8

HFIX-69680

8.3.0

HFIX-69681

8.3.1

HFIX-69682

8.3.2

HFIX-69684

8.3.3

HFIX-69686

8.3.4

HFIX-69687

8.3.5

HFIX-69688

8.4.0

HFIX-69689

8.4.1

HFIX-69690

8.4.2

HFIX-69691

8.4.3

HFIX-69692

8.4.4

HFIX-69694

8.5.1

HFIX-69695

8.5.2

HFIX-69696

Pega Platform 8.5.2 Pega Platform 8.2.6 Pega Platform 8.2.7 Pega Platform 8.2.8 Pega Platform 8.3 Pega Platform 8.3.1 Pega Platform 8.3.2 Pega Platform 8.3.3 Pega Platform 8.3.4 Pega Platform 8.3.5 Pega Platform 8.4 Pega Platform 8.4.1 Pega Platform 8.4.2 Pega Platform 8.4.3 Pega Platform 8.4.4 Pega Platform 8.5 Pega Platform 8.5.1 Security
Moderation Team has archived post, This thread is closed to future replies. Content and links will no longer be updated. If you have the same/similar Discussion, please write a new Discussion.