- What is the Pega CNA?
- Pega is a CVE Numbering Authority (CNA) — an organization authorized to assign CVE IDs to vulnerabilities in its scope. It has published 34 CVE records since 2021.
- How many CVEs has Pega published?
- Pega has published 34 CVE records, including 14 in the last two years.
- What is Pega's CVE data quality grade?
- RadicalNotion.AI grades Pega's CVE data quality as A, with an overall completeness score of 100%. This reflects how consistently its CVE records include vendor (100%), product (100%), CVSS (100%), and CWE (100%) information.
- What products does Pega publish CVEs for?
- Pega most frequently publishes CVEs for Pega Infinity, Pega Platform, infinity, platform, synchronization engine.
- Which vendors does Pega cover?
- Pega publishes CVEs across 2 distinct vendors, most often Pega.
- Is Pega actively publishing CVEs?
- Pega is currently active, based on 14 CVEs in the last two years.
- What is the average severity of Pega's CVEs?
- The average CVSS base score across Pega's scored CVEs is 6.9.
- How many critical CVEs has Pega published?
- Pega has published 7 critical-severity CVEs and 8 high-severity CVEs.
- Are any of Pega's CVEs in CISA's Known Exploited Vulnerabilities catalog?
- No. None of Pega's CVEs are currently listed in CISA's Known Exploited Vulnerabilities (KEV) catalog.
- What are the most common weakness types in Pega's CVEs?
- Pega's CVEs most often map to these CWE weakness types: CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')), CWE-284 (Improper Access Control), CWE-285 (Improper Authorization), CWE-1393 (Use of Default Password).
- How does Pega rank among CNAs?
- By total CVE volume, Pega ranks #207 of 370 CNAs, and it reports more complete CVE records than 60% of all CNAs.