Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4
CVSSv2

CVE-2017-11356

Published: 02/08/2017 Updated: 08/09/2017
CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8
CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8
VMScore: 405
Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N
Subscribe to Pega Platform

Vulnerability Summary

The application distribution export functionality in PEGA Platform 7.2 ML0 and previous versions allows remote authenticated users with certain privileges to obtain sensitive configuration information by leveraging a missing access control.

Vulnerable Product Search on Vulmon Subscribe to Product

pega pega platform

Exploits

Exploit DB: PEGA Platform <= 7.2 ML0 - Missing Access Control / Cross-Site Scripting
Summary ======= 1 Missing access control (CVE-2017-11356) 2 Multiple cross-site scripting (CVE-2017-11355) Vendor ====== "Pegasystems Inc is the leader in software for customer engagement and operational excellence Pega’s adaptive, cloud-architected software – built on its unified Pega® Platform – empowers people to rapidly deploy, and ...
Exploit DB: PEGA Platform 7.2 ML0 Missing Access Control / Cross Site Scripting
PEGA Platform versions 72 ML0 and below suffer from missing access control and cross site scripting vulnerabilities ...

References

CWE-200http://seclists.org/fulldisclosure/2017/Jul/28https://www.exploit-db.com/exploits/42335/https://pdn.pega.com/pegasystems-security-bulletin-cve-2017-11355-and-cve-2017-11356/pegasystems-security-bulletin-cvehttps://nvd.nist.govhttps://www.exploit-db.com/exploits/42335/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereferenceCVE-2023-52689CVE-2024-23803client sideCVE-2023-52696information disclosureCVE-2024-35843CVE-2024-27130CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook