CVE-2018-13823
HIGHBroadcom Project Portfolio Management < 14.3 - XXE
Title source: ruleDescription
An XML external entity vulnerability in the XOG functionality, in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows remote attackers to access sensitive information.
Scores
CVSS v3
7.5
EPSS
0.0043
EPSS Percentile
62.3%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Classification
CWE
CWE-611
Status
published
Affected Products (5)
broadcom/project_portfolio_management
< 14.3
broadcom/project_portfolio_management
broadcom/project_portfolio_management
ca/project_portfolio_management
ca/project_portfolio_management
Timeline
Published
Aug 30, 2018
Tracked Since
Feb 18, 2026