MY BRAND BOOK Researchers found vulnerability in Pega Infinity

Researchers found vulnerability in Pega Infinity

By MYBRANDBOOK

Pega Infinity is a popular enterprise software suite, with over 2,000 users. The package includes customer service and sales automation, an AI-driven ‘customer decision hub’, workforce intelligence, and a ‘no-code’ development platform. Some of its big-list customers include the FBI, US Air Force, Apple, American Express, and others.

According to the research team – Sam Curry, Justin Rhinehart, Brett Buerhaus, and Maik Robert – CVE-2021-27651 is a critical-risk vulnerability in versions 8.2.1 to 8.5.2 of Pega’s Infinity software. The proof of concept demonstrates how an attacker could bypass Pega Infinity’s password reset system. However, the threat actors can fully compromise the Pega instance using malicious techniques like remote code execution, including the alteration of dynamic pages or templates.

Assailants could then use the reset account to “fully compromise” the Pega instance, through administrator-only remote code execution. This could include modifying dynamic pages, or templating. The security researchers came across the Pega Infinity vulnerability through participation in Apple’s bug bounty program.

The vendor added: “We would like to also note that no clients have reported any issues related to this vulnerability. Pega makes security a top priority, and we have acted quickly to remedy this issue.

“Pega believes independent security researchers play a valuable role in internet security, and we encourage responsible reporting of any vulnerabilities that may be found on our site or in our applications.”

BREAKING NEWS

Permanent deletion of transactions can make e-rupee anonymous, RB...

The Governor of Reserve Bank of India (RBI) stated that the permanent del...

Zscaler unveils Digital Experience Monitoring Copilot...

Zscaler has announced groundbreaking innovations - ZDX Copilot, Hosted Mon...

Ola Krutrim unveils its AI vision for India...

Ola's artificial intelligence platform, Krutrim has revealed its plans to ...

Tamil Nadu Police Facial Recognition Portal faced breach...

A security flaw was discovered in the facial recognition webpage of the Ta...

TECHNO TRENDS

BHIM to join e-commerce, competing with PhonePe and Google Pay

The government-supported payment software BHIM is getting ready to join t...

The latest version of X helps prevent deepfakes on social medi

To combat deepfakes and shallowfakes, Elon Musk revealed a new update t...

India and Namibia collaborate on a payment system similar to U

Once operational, the platform will enable digital transactions in Namibia,...

Sebi issues show-cause notices to six Adani group firms

Sebi issued show-cause notices to six Adani Group firms, including Adani ...

E-Magazine

TECHNOTAINMENT

S.S. Rajamouli and Disney+ Hotstar brings the untold story of

Airtel Xstream Play strengthens regional content library, part

Bharti Airtel (“Airtel”), one of India’s leading telecommunications

ED attaches Raj Kundra, Shilpa Shetty’s Rs 97 crore worth as

The Enforcement Directorate (ED) has seized businessman Raj Kundra's pro

MOVERS & SHAKERS

New Relic names Katrina Wong as CMO

Clover Infotech appointed Subham Banerjee as CDO

Clover Infotech has announced the appointment of Subham Banerjee as its Ch

Saviynt ropes in Sanjeevi Kumar as new Sales Director in India

The cloud-native identity and governance platform solutions provider Saviy

OPEN YOUR EYES

Digital economy is at risk with the growing cyber attacks

Future of Work To Be Fully Dependent Upon Digital Technology

A question arises on how would be the future of the workplace?

Cyber Security, AI/ML & Public Cloud Top Priorities for CIOs

The rise in internet usage has opened the doors to conduct cyber-attacks

INTERVIEWS

Autodesk investing in emerging Design & Make technologies to d

CommScope celebrates its 25 years of legacy in India by contin

A strong brand must also reflect the company values and speak exactly what

AMD Pensando innovation CONTINUES

In 2022, AMD announced its acquisition of Pensando Systems, an addition to

HOT PICK

Lenovo launches IdeaPad Pro 5i in India with Intel Core Ultra

COLORFUL rolls out an array of gaming laptops

COLORFUL launched its incredible series of COLORFUL EVOL P15 gaming laptop

Dell Technologies launches new AI-powered commercial PC portfo

Dell Technologies has launched the broadest portfolio of commercial AI lap

MAKE IN INDIA BRANDS

LUMINOUS POWER TECHNOLOGIES PVT. LTD.

OPTIEMUS INFRACOM

ZOHO CORPORATION PVT. LTD.

MATRIX COMSEC PVT. LTD.

EMINENT CIO'S OF INDIA

Digital Ecosystem discovering new avenues of working

Although we have limited foot-print of direct cust...

With a planned agenda and strategic move enhancing the business growth

Being a CISO I am setting up clear goals on a quar...

In the Tech-driven world, digitalization is crucial to survive and succeed

The companies that are doing more to build trust a...

ICONS OF INDIA

Technology Icons Of India 2023: Aalok Kumar

Aalok continues to lead the India business and further strengthen Indi...

Technology Icons Of India 2023: Sachin Bansal

Sachin Bansal’s fintech startup, Navi Technologies, simplifies loan ...

Technology Icons Of India 2023: Vijay Shekhar Sharma

Vijay Shekhar Sharma is an Indian technology entrepreneur and billiona...

PARTNER SPEAKERS

Creating a valuable and profitable long term business relationship to scale business growth

iValue is the center of the ecosystem, where it connects its channel partners ...

How can organizations leverage digital technology to ideate, execute, and optimize marketing campaigns?

Marketers now leverage a wide range of AI-powered tools and digital engagement...

The Ability To Be Flexible And Adaptable Is Essential For Navigating The Unknowns Of The Future

Shivaami’s support and encouragement play a vital role in helping enterprise...

PSU

ITI Limited widening its focus area

ITI Limited is a public sector undertaking company, has manufacturing ...

NIC bridging the digital divide and supporting government in eGovernance

The National Informatics Centre (NIC) is an Indian government departme...

EESL encouraging e-mobility adoption across India

Energy Efficiency Services Limited (EESL) is a Super Energy Service Co...

VIDEOS

Top 25 Brands

Most Trusted Brands 2023 : Infosys Limited

With 40+ years of service, Infosys enables clients with an AI-powered core, em...

Most Trusted Brands 2023 : Wipro Limited

Wipro is a leader in innovation, and it has a strong track record of developin...

Most Trusted Brands 2023 : Amazon Web Services (AWS)

As the world’s most comprehensive and broadly adopted cloud, AWS offers over...

Value-Added Distribution

BEETEL TELETECH LTD.

: Beetel is one of the oldest and most reputed brands in the Industry,...

M. TECH SOLUTIONS (I) PVT. LTD.

M.Tech is a leading cyber security and network performance solutions ...

RAH INFOTECH

RAH Infotech is India’s fastest growing technology value added dist...

ITFORUM 2024

WIITF 2024

CMO of the Year

WOMEN LEADERSHIP

EMINENT CIO's OF INDIA

TRENDS IN TECHNOLOGY