CNNVD-202512-1797 Information
Dec 10, 2025
cve
CNNVD ID
CNNVD-202512-1797
Related CVE
- CNNVD Published: 2025-12-10
Description (Chinese)
Pega Platform是美国Pega公司的一个企业管理平台。 Pega Platform 7.1.0版本至Infinity 25.1.0版本存在安全漏洞,该漏洞源于用户认证过程中响应时间差异,可能导致用户枚举攻击。
Description (English)
Pega Platform is an enterprise management platform for the United States company Pega. There is a security gap between Pega Platform, Version 7.1.0, and Version 25.1.0 of Information, which stems from the difference in response time during the user authentication process, which may lead to a user countdown.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Pega
Published
2025-12-10
Last Modified
2026-02-24
References
https://support.pega.com/support-doc/pega-security-advisory-j25-vulnerability-remediation-note
Patch
https://support.pega.com/support-doc/pega-security-advisory-j25-vulnerability-remediation-note
Share on: