Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Pega Infinity Improper Authentication Vulnerability - CVE-2021-27651 - Vulnerability Database
Pega Infinity

Pega Infinity Improper Authentication Vulnerability - CVE-2021-27651

Critical
Reference: CVE-2021-27651
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2021-27651
Title: Pega Infinity Improper Authentication Vulnerability
Overview:

In versions 8.2.1 through 8.5.2 of Pega Infinity the password reset functionality for local accounts can be used to bypass local authentication checks.