Lucene search
PegaCVELIST:CVE-2021-27653HistoryApr 01, 2021 - 6:38 p.m.
CVE-2021-27653
2021-04-0118:38:57
CWE-284
Pega
www.cve.org
4
pega chat
misconfiguration
data exposure
pega platform
CVSS3
6.6
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
34.2%
Misconfiguration of the Pega Chat Access Group portal in Pega platform 7.4.0 - 8.5.x could lead to unintended data exposure.
CNA Affected
[
{
"product": "Pega Infinity",
"vendor": "Pega Systems",
"versions": [
{
"status": "affected",
"version": ">=7.4.0, <8.5.3"
}
]
}
]Related
threatpost
threatpost
Connected Farms Easy Pickings for Global Food Supply-Chain Hack
2021-08-10 21:21:44
cve
cve
CVE-2021-27653
2021-04-01 19:15:14
prion
prion
Design/Logic Flaw
2021-04-01 19:15:00
nvd
nvd
CVE-2021-27653
2021-04-01 19:15:14
CVSS3
6.6
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
34.2%
Related for CVELIST:CVE-2021-27653