Question
3
Replies
39
Views
E-Pragati
Posted: 1 month ago
Last activity: 4 weeks ago
Missing Access Control Vulnerability in Pega
Pega platform has a access control vulnerability which allows attacker to gain access to internal resources.
An attacker can gain access to configuration files and also has access to create queries.
Access the URL /ServicesExport/configurations.zip file followed by token as shown in the URL
It is recommended to restrict...
***Edited by Moderator: Pallavi to update platform capability tags***
***Edited by Moderator Marissa to update General to Product***
Posted: 1 month ago
Posted: 1 month ago
7.3.1 Version
Posted: 4 weeks ago
I think most of the security points on provided article are still valid on Pega 7.3.1
Hello,
What platform version is it? Have you been trough the following: https://community.pega.com/knowledgebase/articles/security/84/security-…