Lucene search
+L

4 matches found

NVD
NVD
added 2019/11/26 6:15 p.m.17 views

CVE-2019-16387

PEGA Platform 8.3.0 is vulnerable to a direct prweb/sso/randomtoken/!STANDARD?pyActivity=Data-Admin-DB-Name.DBSchemaListDatabases request while using a low-privilege account. This can perform actions and retrieve data that only an administrator should have access to. NOTE: The vendor states that...

8.1CVSS8.1AI score0.01045EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2019/11/26 5:26 p.m.12 views

CVE-2019-16388

PEGA Platform 8.3.0 is vulnerable to Information disclosure via a direct prweb/sso/randomtoken/!STANDARD?pyStream=MyAlerts request to get Audit Log information while using a low-privilege account. NOTE: The vendor states that this vulnerability was discovered using an administrator account and th...

6.5AI score0.00715EPSS
Exploits1References1
Cvelist
Cvelist
added 2019/11/26 5:26 p.m.23 views

CVE-2019-16388

PEGA Platform 8.3.0 is vulnerable to Information disclosure via a direct prweb/sso/randomtoken/!STANDARD?pyStream=MyAlerts request to get Audit Log information while using a low-privilege account. NOTE: The vendor states that this vulnerability was discovered using an administrator account and th...

4.5AI score0.00715EPSS
Exploits1References1
Cvelist
Cvelist
added 2019/11/26 5:25 p.m.15 views

CVE-2019-16387

PEGA Platform 8.3.0 is vulnerable to a direct prweb/sso/randomtoken/!STANDARD?pyActivity=Data-Admin-DB-Name.DBSchemaListDatabases request while using a low-privilege account. This can perform actions and retrieve data that only an administrator should have access to. NOTE: The vendor states that...

8.1AI score0.01045EPSS
Exploits1References1
Rows per page
Query Builder