4 matches found
CVE-2019-16388
PEGA Platform 8.3.0 is vulnerable to Information disclosure via a direct prweb/sso/randomtoken/!STANDARD?pyStream=MyAlerts request to get Audit Log information while using a low-privilege account. NOTE: The vendor states that this vulnerability was discovered using an administrator account and th...
CVE-2019-16388
PEGA Platform 8.3.0 is vulnerable to Information disclosure via a direct prweb/sso/randomtoken/!STANDARD?pyStream=MyAlerts request to get Audit Log information while using a low-privilege account. NOTE: The vendor states that this vulnerability was discovered using an administrator account and th...
CVE-2019-16388
PEGA Platform 8.3.0 is vulnerable to Information disclosure via a direct prweb/sso/randomtoken/!STANDARD?pyStream=MyAlerts request to get Audit Log information while using a low-privilege account. NOTE: The vendor states that this vulnerability was discovered using an administrator account and th...
CVE-2019-16388
PEGA Platform 8.3.0 is reported vulnerable to information disclosure via a direct request to prweb/sso/random_token/!STANDARD?pyStream=MyAlerts to retrieve Audit Log information when using a low-privilege account. The Red Hat and CVE records reiterate this endpoint-based disclosure; vendor notes ...