Infinity Security Vulnerabilities and Issues — Infinity CVE List

Lucene search

PegaInfinity

4 matches found

CVE•added 2021/04/29 3:15 p.m.•79 views

CVE-2021-27651

In versions 8.2.1 through 8.5.2 of Pega Infinity, the password reset functionality for local accounts can be used to bypass local authentication checks.

9.8CVSS9.4AI score0.90362EPSS

CVE•added 2022/07/19 3:15 p.m.•59 views

CVE-2022-24082

If an on-premise installation of the Pega Platform is configured with the port for the JMX interface exposed to the Internet and port filtering is not properly configured, then it may be possible to upload serialized payloads to attack the underlying system. This does not affect systems running on ...

9.8CVSS9.4AI score0.19169EPSS

CVE•added 2022/07/25 5:15 p.m.•56 views

CVE-2022-24083

Password authentication bypass vulnerability for local accounts can be used to bypass local authentication checks.

9.8CVSS9.2AI score0.00065EPSS

CVE•added 2024/11/20 3:15 p.m.•38 views

CVE-2024-10094

Pega Platform versions 6.x to Infinity 24.1.1 are affected by an issue with Improper Control of Generation of Code

9.8CVSS9.3AI score0.00198EPSS