Misconfiguration of the Pega Chat Access Group portal in Pega platform 7.4.0 - 8.5.x could lead to unintended data exposure.
References
Link | Resource |
---|---|
https://collaborate.pega.com/discussion/pega-security-advisory-%E2%80%93-b21 | Vendor Advisory |
https://robertwillishacking.com/census-vulnerability-exposes-10k-oauth-tokens-thousands-of-user-records/ | Exploit Third Party Advisory |
Configurations
History
25 Apr 2022, 20:13
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://robertwillishacking.com/census-vulnerability-exposes-10k-oauth-tokens-thousands-of-user-records/ - Exploit, Third Party Advisory |
12 Mar 2022, 17:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
Information
Published : 2021-04-01 19:15
Updated : 2024-02-04 21:47
NVD link : CVE-2021-27653
Mitre link : CVE-2021-27653
CVE.ORG link : CVE-2021-27653
JSON object : View
Products Affected
pega
- infinity
CWE