First published: Thu Apr 01 2021(Updated: )
Misconfiguration of the Pega Chat Access Group portal in Pega platform 7.4.0 - 8.5.x could lead to unintended data exposure.
Credit: security@pega.com
Affected Software | Affected Version | How to fix |
---|---|---|
Pega Infinity | >=7.4.0<8.5.3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2021-27653.
The title of the vulnerability is 'Misconfiguration of the Pega Chat Access Group portal in Pega platform 7.4.0 - 8.5.x could lead to unintended data exposure.'
The severity of CVE-2021-27653 is medium with a severity value of 4.9.
The Pega platform versions 7.4.0 - 8.5.x are affected by CVE-2021-27653.
To fix the misconfiguration, update Pega platform to version 8.5.3 or apply the necessary patches.