CVE-2022-35656

MEDIUM

Pega Platform <8.7.3 - Privilege Escalation

Title source: llm
STIX 2.1

Description

Pega Platform from 8.3 to 8.7.3 vulnerability may allow authenticated security administrators to alter CSRF settings directly.

Scores

CVSS v3 4.5
EPSS 0.0029
EPSS Percentile 21.1%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N

Details

CWE
CWE-352
Status published
Products (1)
pega/pega_platform 8.3 - 8.7.3
Published Aug 22, 2022
Tracked Since Feb 18, 2026