Authorization Weakness in Pega Platform Affects User Data Access
CVE-2025-62180
7.1HIGH
What is CVE-2025-62180?
The Pega Platform suffers from an authorization weakness affecting versions 8.3.0 through Infinity 25.1.2, which could allow authenticated users to exploit crafted URLs to access unauthorized data. This flaw poses a significant risk of sensitive data exposure, highlighting the need for immediate remediation efforts to secure the affected systems.
Affected Version(s)
Pega Infinity 8.3.0
References
CVSS V4
Score:
7.1
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None
Timeline
Vulnerability published
Vulnerability Reserved
Credit
Mohammed F. Alaskar from Saudi Awwal Bank Cybersecurity Team
