Question

3
Replies
39
Views
AnjaniKumarP0301 Member since 2020 11 posts
E-Pragati
Posted: 1 month ago
Last activity: 4 weeks ago

Missing Access Control Vulnerability in Pega

Pega platform has a access control vulnerability which allows attacker to gain access to internal resources.

 

An attacker can gain access to configuration files and also has access to create queries.

 

Access the URL /ServicesExport/configurations.zip file followed by token as shown in the URL

 

It is recommended to restrict...

***Edited by Moderator: Pallavi to update platform capability tags***

***Edited by Moderator Marissa to update General to Product***  

Pega Platform Security
Share this page LinkedIn