MY BRAND BOOK Researchers found vulnerability in Pega Infinity

Researchers found vulnerability in Pega Infinity

By MYBRANDBOOK

Pega Infinity is a popular enterprise software suite, with over 2,000 users. The package includes customer service and sales automation, an AI-driven ‘customer decision hub’, workforce intelligence, and a ‘no-code’ development platform. Some of its big-list customers include the FBI, US Air Force, Apple, American Express, and others.

According to the research team – Sam Curry, Justin Rhinehart, Brett Buerhaus, and Maik Robert – CVE-2021-27651 is a critical-risk vulnerability in versions 8.2.1 to 8.5.2 of Pega’s Infinity software. The proof of concept demonstrates how an attacker could bypass Pega Infinity’s password reset system. However, the threat actors can fully compromise the Pega instance using malicious techniques like remote code execution, including the alteration of dynamic pages or templates.

Assailants could then use the reset account to “fully compromise” the Pega instance, through administrator-only remote code execution. This could include modifying dynamic pages, or templating. The security researchers came across the Pega Infinity vulnerability through participation in Apple’s bug bounty program.

The vendor added: “We would like to also note that no clients have reported any issues related to this vulnerability. Pega makes security a top priority, and we have acted quickly to remedy this issue.

“Pega believes independent security researchers play a valuable role in internet security, and we encourage responsible reporting of any vulnerabilities that may be found on our site or in our applications.”

BREAKING NEWS

Cisco announces AI-native secure Wi-Fi 7 for future-ready employe...

Announcing a major leap in wireless technology, Cisco has launched its Wi...

The BSE benchmark Sensex tumbled over 800 points, leaving investo...

The BSE benchmark Sensex recently experienced a significant drop, tumblin...

North Korean GPS Interference Disrupts Air Traffic...

South Korea's military has publicly accused North Korea of disrupting GP...

US ordered TSMC to halt chip shipments to China...

TSMC has had regular discussions with the government on export control issu...

TECHNO TRENDS

Nazara and ONDC set to transform in-game monetization with ‘

Nazara Technologies has teamed up with the Open Network for Digital Comme...

Jio Platforms and NICSI to offer cloud services to government

In a collaborative initiative, the National Informatics Centre Services In...

BSNL awards ₹5,000 Cr Project to RVNL-Led Consortium

A syndicate led by Rail Vikas Nigam Limited (abbreviated as RVNL), along wi...

Pinterest tracks users without consent, alleges complaint

A recent complaint alleges that Pinterest, the popular image-sharing platf...

E-Magazine

TECHNOTAINMENT

Eloelo teams up with Elvish Yadav for India's biggest digital

Netflix adds 'Moments' feature for saving, sharing scenes from

Netflix has introduced a new “Moments” feature on its mobile app, whic

Jacqueline Fernandez come together with YouTuber Mr. Beast for

Jacqueline Fernandez has partnered with American YouTuber Mr. Beast to b

MOVERS & SHAKERS

Kamal Nath quits SIFY Technologies

Visa elevates Rishi Chhabra as new Country Manager for India

Rishi holds a Master’s in Industrial Engineering from The Ohio State Univ

Genesys welcomes Albert Nel as Senior VP and Regional Sales Le

Genesys continues to deepen its investment in the APAC region. Earlier this

OPEN YOUR EYES

Capitalising on agility to win the digital banking competition

It is time to protect your critical business priorities from attackers

India to be the top destination for companies moving out of China

Cyber Security, AI/ML & Public Cloud Top Priorities for CIOs

Driving remote flexibility: Challenges and resolutions

INTERVIEWS

In India, 88% of Indian business leaders are planning to inves

Cisco building a trusted and resilient future for the nation

Security is foundational to everything Cisco does and customers insist on e

Autodesk continually pushing the boundaries in the Design and

Autodesk’s vision is of a better world designed and made for all. It inte

HOT PICK

BOULT unveils AmpVault V10 & V20 powerbanks: Fast charging, sa

SonicWall Launches TZ80: A Powerful Solution for Remote Office

SonicWall announced today the launch of the TZ80, a groundbreaking securit

Gigabyte X3D Turbo: A Gaming Revolution

GIGABYTE X3D Turbo Mode is a cutting-edge feature that unifies cores distr

MAKE IN INDIA BRANDS

INFOSYS TECHNOLOGIES PVT. LTD.

HP INDIA SALES PVT. LTD.

LAVA INTERNATIONAL LTD.

SECUREYE SERVICES PVT. LTD.

EMINENT CIO'S OF INDIA

GAINING CUSTOMERS’ TRUST IS ESSENTIAL FOR SMOOTH OMNICHANNEL INTERACTIONS

In the fiscal year 2024-25, our organization has i...

AI TO IMPROVE INSIGHTS THROUGH AUGMENTED ANALYTICS, WHILE EDGE COMPUTING TO ALLOW REAL-TIME PROCESSING

For the fiscal year 2024-25, our organization has ...

HARNESSING THE POWER OF BIG DATA TO GAIN VALUABLE INSIGHTS

A Technology certainly drives innovation and busin...

ICONS OF INDIA

ICONS OF INDIA : RITESH AGARWAL

Ritesh Agarwal is an Indian billionaire entrepreneur and the founder a...

Icons Of India : Arundhati Bhattacharya

Arundhati Bhattacharya serves as the Chairperson and CEO of Salesforce...

Icons Of India : Daisy Chittilapilly

Daisy Chittilapilly is the President of Cisco’s India and SAARC regi...

PARTNER SPEAKERS

"We will either find a way or make one"

A provider of high-quality IT products and services, Bluecom Infotech caters t...

Unwavering Commitment & Communication helping to thrive in the evolving digital landscape

We leverage a comprehensive market intelligence framework and an advanced CRM ...

Gauging Brand Awareness with Data-Driven insights

Arrow PC Network utilizes data-driven insights extensively to gauge brand awar...

PSU

ITI - ITI Limited

ITI Limited is a leading provider of telecommunications equipment, sol...

TCIL - Telecommunications Consultants India Limited

TCIL is a government-owned engineering and consultancy company...

UIDAI - Unique Identification Authority of India

UIDAI and the Aadhaar system represent a significant milestone in Indi...

VIDEOS

Top 25 Brands

Most Trusted Brands 2024 : Samsung Electronics Co. Ltd.

Samsung invests heavily in marketing campaigns to promote...

Most Trusted Brands 2024: Amazon.com Inc

Amazon.com Inc., commonly known as Amazon, is an American multinational techno...

Most Trusted Brands 2024: Infosys Ltd.

Infosys, leverages emerging technologies and digital capabilities to help clie...

Global Indian industry

Indian Tech Talent Excelling The Tech World - Satya Nadella, Chairman & CEO- Microsoft

Satya Nadella, the Chairman and CEO of Microsoft, recently emphasized ...

Indian Tech Talent Excelling The Tech World - Lal Karsanbhai, President & CEO, Emerson

Lal Karsanbhai, President and CEO of Emerson, assumed the leadership i...

Indian Tech Talent Excelling The Tech World - Soni Jiandani, Co-Founder- Pensando Systems

Soni Jiandani, Co-Founder of Pensando Systems, is a tech visionary ren...

STARNITE AWARDS 2024

ITFORUM 2024

CMO of the Year

WOMEN LEADERSHIP

IMAGE GALLERY

TRENDS IN TECHNOLOGY