PT-2018-12208 · Ca · Ca Ppm
Published
2018-08-30
·
Updated
2021-04-12
·
CVE-2018-13824
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
CA PPM versions 14.3 and below
CA PPM version 14.4
CA PPM versions 15.1 through 15.2 CP5 and below
CA PPM versions 15.3 through 15.3 CP2 and below
Description
The issue is related to insufficient input sanitization of two parameters, allowing remote attackers to execute SQL injection attacks.
Recommendations
For CA PPM versions 14.3 and below, update to a version above 14.3.
For CA PPM version 14.4, update to a version above 14.4.
For CA PPM versions 15.1 through 15.2 CP5 and below, update to a version above 15.2 CP5.
For CA PPM versions 15.3 through 15.3 CP2 and below, update to a version above 15.3 CP2.
Fix
SQL injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ca Ppm