PT-2025-42483 · Pega · Pega Platform
Eric Kahlert
·
Published
2025-10-16
·
Updated
2026-03-19
·
CVE-2025-9559
CVSS v3.1
6.5
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Pega Platform versions 8.7.5 through 24.2.2
Description
The Pega Platform contains an Insecure Direct Object Reference issue within a user interface component. This issue allows for the reading of data.
Recommendations
Update to a version later than 24.2.2.
Fix
IDOR
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Pega Platform