Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES Standard & Premium

Pega Infinity Improper Authentication Vulnerability (CVE-2023-32090)

Description

Pega platform clients who are using versions 6.1 through 7.3.1 may be utilizing default credentials

Remediation

References

Related Vulnerabilities

WordPress Plugin ACF:Better Search Cross-Site Request Forgery (3.3.0)

Joomla! Core 3.x.x Local File Inclusion (3.0.0 - 3.9.25)

WordPress Plugin Brafton Cross-Site Scripting (3.4.7)

Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-2572)

WordPress Plugin JC Coupon Cross-Site Scripting (2.5)

Severity

Critical

Classification

CVE-2023-32090 CWE-287 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities