CVE-2023-50165 HIGH

CVE-2023-50165

Vendor Pegasystems
Product Pega Platform
Weakness CWE-918 · SSRF
Published January 31, 2024
Last update October 17, 2024

CVSS base score

8.5/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality High
Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N

What the vulnerability does

01Description

Pega Platform versions 8.2.1 to Infinity 23.1.0 are affected by an Generated PDF issue that could expose file contents.

Key dates

02Disclosure timeline

January 31, 2024 CVE published
October 17, 2024 Record updated