CVE-2018-13823 Vulnerability Details

  /     /     /  

CVE-2018-13823 Metadata Quick Info

CVE Published: 30/08/2018 | CVE Updated: 16/09/2024 | CVE Year: 2018
Source: ca | Vendor: CA Technologies | Product: PPM
Status : PUBLISHED

---

CVE-2018-13823 Description

An XML external entity vulnerability in the XOG functionality, in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows remote attackers to access sensitive information.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID:
CWE Name: XML External Entity (XXE)
Source: CA Technologies

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).