PT-2018-17580 · Micro Focus · Project/Portfolio Management Center
Publicado
2018-02-22
·
Atualizado
2018-03-20
·
CVE-2018-6489
CVSS v3.1
9.8
Crítica
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Micro Focus Project and Portfolio Management Center version 9.32
Description
The issue is related to an XML External Entity (XXE) vulnerability, which can be exploited to allow XXE.
Recommendations
For version 9.32, update to a version that includes a fix for this issue, as using an XXE vulnerability can lead to unauthorized access to data. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
XXE
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Project/Portfolio Management Center