Skip to main content

Question

 Wyatt Hitt (WyattH52)
Shentel

Shentel
US
WyattH52 Member since 2020 6 posts
Shentel
Posted: Jul 26, 2024
Last activity: Aug 6, 2024
Posted: 26 Jul 2024 10:58 EDT
Last activity: 6 Aug 2024 12:56 EDT
Solved

PEGA-SESSION-COOKIE

Good Day, 

We recently ran a security scan and got an alert on the PEGA-SESSION-COOKIE. "The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.This issue was found in multiple locations under the reported path."

Is this cookie being used for maintaining user sessions on the Pega platform?

 

Thanks 

***Edited by Moderator Marissa to add Capability tags***
To see attachments, please log in.
Pega Platform 8.8.5
Security

  • Reply

Accepted Solution

Posted: 3 months ago
Updated: 3 months ago
Posted: 28 Jul 2024 8:38 EDT
Updated: 6 Aug 2024 12:56 EDT
Anupam Dubey (Anupam Dubey)
PEGA
Senior Technical Support Engineer
Pegasystems Inc.
IN

Hello @WyattH52

I am hoping that your environment is on Pega Cloud, as this is a cookie that we use for Pega Cloud environments for session stickiness. This cookie does not contain any sensitive information and is only used for routing the requests to the correct node and does not pose any risk.

We do not use this cookie to maintain the authenticated user sessions.

To see attachments, please log in.

We'd prefer it if you saw us at our best.

Pega Collaboration Center has detected you are using a browser which may prevent you from experiencing the site as intended. To improve your experience, please update your browser.

Close Deprecation Notice