Enable access to environmental information to avoid an apparent flaw in some security audits.

Before Pega 7.3, all roles included access to environmental information for the current node. This information can include version numbers of third-party platforms and JVM information. This access appears as a flaw in some security audits. Starting with Pega 7.3, the new @baseclass.pxViewSystemInfo privilege controls access to environmental information. Only the PegaRULES:SysAdm4 role has this privilege by default. After you update from Pega 7.2.2 and earlier, add the @baseclass.pxViewSystemInfo privilege to all system administrator roles that need access to environmental information.

1. In the header of Dev Studio, click ConfigureOrg & SecurityToolsSecurityRole Names.

2. In the pop-up window that displays roles, click the role that you want to edit.

3. In the Dev Studio, click the @baseclass class in the Access Class column.

4. In the Privileges section, click the Plus icon and, in the Name column, select the pxViewSystemInfo privilege.

5. In the Level column, enter 5 for the production level. Production level 5 provides the highest security.

6. Click Submit.

7. Repeat steps 1 through 6 for each role that requires modification.

• Pega Cloud Services post-update tasks (7.x to 8.x)