In the Pega 7.1.8 release we provide more options to control the versions of SSL/TLS that you use in your applications. While we still do support older protocol versions that have known vulnerabilities, we proactively warn the application developer against their use and provide alternatives.
Pega continuosly evaluates our products for known and potential threats. Currently we are not aware of any SSL related vulnerabilities in Pega 7.1.8.
Do you have more details about what you found in Pega 7.1.7 that you can share?