Описание
An XML external entity vulnerability in the XOG functionality, in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows remote attackers to access sensitive information.
Ссылки
- Third Party AdvisoryVDB Entry
- PatchVendor Advisory
- Third Party AdvisoryVDB Entry
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 14.3 (включая)
Одно из
cpe:2.3:a:broadcom:project_portfolio_management:*:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:project_portfolio_management:14.4:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:project_portfolio_management:15.1:*:*:*:*:*:*:*
cpe:2.3:a:ca:project_portfolio_management:15.2:cp5:*:*:*:*:*:*
cpe:2.3:a:ca:project_portfolio_management:15.3:cp2:*:*:*:*:*:*
EPSS
Процентиль: 62%
0.00432
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-611
Связанные уязвимости
CVSS3: 7.5
github
больше 3 лет назад
An XML external entity vulnerability in the XOG functionality, in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows remote attackers to access sensitive information.
EPSS
Процентиль: 62%
0.00432
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-611