At this moment Pega is communicating about the Log4j vulnerability, advising on-premise services and cloud environments to make necessary changes. As stated "this vulnerability could allow malicious actors to take control of organizational networks using Log4j".
In what way are Pega Personal Edition versions impacted? I can imagine that a lot of people are using this version of Pega AND are connected to (company) networks. Are they prone to vulnerabilities?
Hi @Michel Kraaij, yes, your personal edition is as vulnerable as regular Pega versions. Probably your network configuration is making it harder to reach it, however please follow the instructions in the published article or turn it off until hotfixes are released and you get a chance to install it, to help protect you and your company's network.
Posted: 11 months ago
Updated: 11 months ago
Posted: 14 Dec 2021 9:29 EST Updated: 14 Dec 2021 9:30 EST
Michel Kraaij - van den Berg (Michel Kraaij)
Pega Lead on Quality Awareness, Pega CSSA, Pega Trainer, Testconsultant
I already suspected that, @Eric Rietveld. Maybe it's good to inform clients/customers that are working according to the BYOD policy. It's not very uncommon that professionals using these devices have personal editions installed.