An XML external entity vulnerability in the XOG functionality, in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows remote attackers to conduct server side request forgery attacks.
References
Link | Resource |
---|---|
http://www.securityfocus.com/bid/105297 | Third Party Advisory VDB Entry |
https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180829-01--security-notice-for-ca-ppm.html | Patch Vendor Advisory |
http://www.securityfocus.com/bid/105297 | Third Party Advisory VDB Entry |
https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180829-01--security-notice-for-ca-ppm.html | Patch Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 03:48
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.securityfocus.com/bid/105297 - Third Party Advisory, VDB Entry | |
References | () https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180829-01--security-notice-for-ca-ppm.html - Patch, Vendor Advisory |
Information
Published : 2018-08-30 14:29
Updated : 2024-11-21 03:48
NVD link : CVE-2018-13826
Mitre link : CVE-2018-13826
CVE.ORG link : CVE-2018-13826
JSON object : View
Products Affected
broadcom
- project_portfolio_management
ca
- project_portfolio_management
CWE
CWE-611
Improper Restriction of XML External Entity Reference