The 'Pega-Host' header discloses that the application is running on, or interfacing with, Pega, a business process management (BPM) and customer relationship management (CRM) platform. By exposing this detail, attackers can narrow their approach to focus on Pega-specific vulnerabilities, default configurations, or known weaknesses. Such leaks may lead to attempts at privilege escalation, data extraction, or manipulation of workflow automations. Additionally, knowledge of the underlying technology stack aids malicious actors in social engineering efforts by letting them craft more credible phishing lures or targeted exploits. Ultimately, leaving this header unmasked can increase the application's attack surface and compromise business processes governed by Pega.
Remove or mask the 'Pega-Host' header at the server or application configuration level if possible. Restrict or rename any custom headers that disclose internal platform details, and ensure that reverse proxies or load balancers do not inadvertently re-inject these headers. Keep your Pega platform updated with the latest security patches, and monitor official advisories or vulnerability disclosures. Supplement this setup with a Web Application Firewall (WAF) or intrusion detection system to identify suspicious requests that might exploit Pega-related functionality. Finally, perform regular security reviews to confirm that sensitive platform data remains protected and does not leak through response headers.
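The following Python check is an added example, not code from the original page or from Pega: it parses a raw HTTP response (a constructed sample with a made-up host name, not a capture from a real deployment) and reports any disclosing header so a defender can verify that the proxy or application configuration actually strips it. It reads the same format that `curl -si <url>` prints.

```python
from typing import Dict, List

# Constructed sample response (not captured from a real Pega deployment),
# showing the disclosing header before a reverse proxy strips it.
SAMPLE_RESPONSE = (
    "HTTP/1.1 200 OK\r\n"
    "Content-Type: text/html; charset=UTF-8\r\n"
    "Pega-Host: prpc-node01.internal.example\r\n"
    "Cache-Control: no-store\r\n"
    "\r\n"
    "<html>...</html>"
)

# Header names treated as platform-disclosing by this check. HTTP header
# names are case-insensitive, so all comparisons use lowercase.
DISCLOSING_HEADERS = {"pega-host"}


def parse_headers(raw: str) -> Dict[str, str]:
    """Parse the header block of a raw HTTP/1.x response into a dict.

    Keys are lowercased header names; the status line and body are dropped.
    Both CRLF and bare LF line endings are accepted.
    """
    text = raw.replace("\r\n", "\n")
    head, _, _body = text.partition("\n\n")
    headers: Dict[str, str] = {}
    for line in head.split("\n")[1:]:  # skip the status line
        if ":" not in line:
            continue  # ignore malformed or continuation lines
        name, value = line.split(":", 1)
        headers[name.strip().lower()] = value.strip()
    return headers


def find_disclosures(headers: Dict[str, str]) -> List[str]:
    """Return the disclosing header names present, sorted for stable output."""
    return sorted(name for name in headers if name in DISCLOSING_HEADERS)


def strip_disclosures(headers: Dict[str, str]) -> Dict[str, str]:
    """Model the intended proxy behaviour: drop disclosing headers outright."""
    return {k: v for k, v in headers.items() if k not in DISCLOSING_HEADERS}


if __name__ == "__main__":
    found = find_disclosures(parse_headers(SAMPLE_RESPONSE))
    print("disclosing headers:", found or "none")
```

Run it against `curl -si https://your-app.example/` output after applying the configuration change; an empty result confirms the header is no longer reaching clients.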
Code: A05:2021
Category: Security Misconfiguration
5.3