PT-2023-23600 · Pegasystems · Pega Platform
Mohamad Shokor
·
Published
2023-08-07
·
Updated
2023-08-10
·
CVE-2023-32090
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Pega platform versions 6.1 through 7.3.1
Description
The issue concerns the use of default credentials by Pega platform clients. This could potentially lead to unauthorized access.
Recommendations
For versions 6.1 through 7.3.1, change the default credentials to custom, secure credentials to prevent unauthorized access.
Fix
Improper Authentication
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Pega Platform