CVE-2018-13822

HIGH

Broadcom Project Portfolio Management < 14.3 - Insufficiently Protected Credentials

Title source: rule

Description

Unprotected storage of credentials in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows attackers to access sensitive information.

References (2)

Scores

CVSS v3 7.5
EPSS 0.0026
EPSS Percentile 49.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Classification

CWE
CWE-522
Status published

Affected Products (5)

broadcom/project_portfolio_management < 14.3
broadcom/project_portfolio_management
broadcom/project_portfolio_management
broadcom/project_portfolio_management
broadcom/project_portfolio_management

Timeline

Published Aug 30, 2018
Tracked Since Feb 18, 2026