Skip to main content
Contact a Moderator

Question

3
Replies
51
Views
 Anjani Kumar Ponnam (AnjaniKumarP0301)
E-Pragati

E-Pragati
IN
AnjaniKumarP0301 Member since 2020 11 posts
E-Pragati
Posted: August 17, 2020
Last activity: September 3, 2020
Posted: 17 Aug 2020 0:10 EDT
Last activity: 3 Sep 2020 4:51 EDT
Closed

Missing Access Control Vulnerability in Pega

Pega platform has a access control vulnerability which allows attacker to gain access to internal resources.

 

An attacker can gain access to configuration files and also has access to create queries.

 

Access the URL /ServicesExport/configurations.zip file followed by token as shown in the URL

 

It is recommended to restrict...

***Edited by Moderator: Pallavi to update platform capability tags***

***Edited by Moderator Marissa to update General to Product***  

Pega Platform Security
Moderation Team has archived post, This thread is closed to future replies. Content and links will no longer be updated. If you have the same/similar Question, please write a new Question.

We'd prefer it if you saw us at our best.

Pega Collaboration Center has detected you are using a browser which may prevent you from experiencing the site as intended. To improve your experience, please update your browser.

Close Deprecation Notice