CVE-2023-26467
MEDIUMPega Synchronization Engine 3.1.1-3.1.29 - Man-in-the-Middle Traffic Redirection via Compromised Configuration
Title source: llmDescription
A man in the middle can redirect traffic to a malicious server in a compromised configuration.
References (1)
Core 1
Core References
Scores
CVSS v3
5.4
EPSS
0.0059
EPSS Percentile
43.5%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-345
Status
published
Products (1)
pega/synchronization_engine
3.1.1 - 3.1.30
Published
Apr 10, 2023
Tracked Since
Feb 18, 2026