本ページは broadcom project_portfolio_management に影響する公開済み CVE(NVD の CPE 経由で関連付け)を列挙します。各行に深刻度指標・概要・公開日が含まれます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2018-13826 | An XML external entity vulnerability in the XOG functionality, in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows remote attackers to conduct server side request forgery attacks. | [email protected] | 9.1 | 1.83% | 2018-08-30 | 2026-06-16 |
| CVE-2018-13825 | Insufficient input validation in the gridExcelExport functionality, in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows remote attackers to execute reflected cross-site scripting attacks. | [email protected] | 6.1 | 0.90% | 2018-08-30 | 2026-06-16 |
| CVE-2018-13824 | Insufficient input sanitization of two parameters in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows remote attackers to execute SQL injection attacks. | [email protected] | 9.8 | 1.75% | 2018-08-30 | 2026-06-16 |
| CVE-2018-13823 | An XML external entity vulnerability in the XOG functionality, in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows remote attackers to access sensitive information. | [email protected] | 7.5 | 1.88% | 2018-08-30 | 2026-06-16 |
| CVE-2018-13822 | Unprotected storage of credentials in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows attackers to access sensitive information. | [email protected] | 7.5 | 1.33% | 2018-08-30 | 2026-06-16 |