Man-in-the-Middle Vulnerability in Pega Robotics and Workforce Intelligence
CVE-2023-26467

5.4MEDIUM

Key Information:

Vendor: Pegasystems
Status: Rpa: Synchronization Engine
Vendor: CVE Published:; 10 April 2023

🔔 Create Pegasystems Vulnerability Alert

What is CVE-2023-26467?

A man-in-the-middle vulnerability in Pega Robotics and Workforce Intelligence allows attackers to intercept and redirect network traffic to malicious servers. This can occur due to compromised network configurations, potentially exposing sensitive data and impacting system integrity.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

RPA: Synchronization Engine 3.1.1

RPA: Synchronization Engine < 3.1.28

References

https://support.pega.com/support-doc/pega-security-adviso...

CVSS V3.1

Score:

5.4

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Apr 10, 2023
Vulnerability Reserved
Feb 23, 2023

Credit

Skyler Knecht and William Martin from the Adversarial Security Practice at Navy Federal Credit Union

JSON

Pegasystems