Unrated severityNVD Advisory· Published Jul 19, 2022· Updated Aug 3, 2024

CVE-2022-24082

Description

If an on-premise installation of the Pega Platform is configured with the port for the JMX interface exposed to the Internet and port filtering is not properly configured, then it may be possible to upload serialized payloads to attack the underlying system. This does not affect systems running on PegaCloud due to its design and architecture.

Affected products

Capasystems/Pega Infinityv5
Range: 8.1.0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

packetstormsecurity.com/files/169480/Pega-Platform-8.7.3-Remote-Code-Execution.htmlmitre
support.pega.com/support-doc/pega-security-advisory-b22-vulnerability-%E2%80%93-hotfix-matrix-0mitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.036
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000