Question
3
Replies
44
Views
E-Pragati
Posted: August 17, 2020
Last activity: September 3, 2020
Missing Access Control Vulnerability in Pega
Pega platform has a access control vulnerability which allows attacker to gain access to internal resources.
An attacker can gain access to configuration files and also has access to create queries.
Access the URL /ServicesExport/configurations.zip file followed by token as shown in the URL
It is recommended to restrict...
***Edited by Moderator: Pallavi to update platform capability tags***
***Edited by Moderator Marissa to update General to Product***
Posted: 4 months ago
I think most of the security points on provided article are still valid on Pega 7.3.1
Hello,
What platform version is it? Have you been trough the following: https://community.pega.com/knowledgebase/articles/security/84/security-checklist