Issued: August 29, 2018
Last Updated: August 29, 2018
CA Technologies Support is alerting customers to multiple potential risks with CA PPM (formerly CA Clarity PPM). Multiple vulnerabilities exist that can allow an attacker to conduct a variety of attacks.
The first vulnerability, CVE-2018-13822, has a medium risk rating and concerns an SSL password being stored in plain text, which can allow an attacker to access sensitive information.
The second vulnerability, CVE-2018-13823, has a high risk rating and concerns an XML external entity vulnerability in the XOG functionality, which can allow a remote attacker to access sensitive information.
The third vulnerability, CVE-2018-13824, has a high risk rating and concerns two parameters that fail to properly sanitize input, which can allow a remote attacker to execute SQL injection attacks.
The fourth vulnerability, CVE-2018-13825, has a high risk rating and concerns improper input validation by the gridExcelExport functionality, which can allow a remote attacker to execute reflected cross-site scripting attacks.
The fifth vulnerability, CVE-2018-13826, has a medium risk rating and concerns an XML external entity vulnerability in the XOG functionality, which can allow a remote attacker to conduct server side request forgery attacks.
Cumulative risk rating: High
All supported platforms
CA PPM 14.3 and below
CA PPM 14.4
CA PPM 15.1
CA PPM 15.2
CA PPM 15.3
CA PPM 15.2 with appropriate patch level listed in Solution section of this document.
CA PPM 15.3 with appropriate patch level listed in Solution section of this document.
CA PPM 15.4
CA PPM 15.4.1
How to determine if the installation is affected
Customers can use the CA PPM Classic interface to find the release and patch level by clicking on "About" in the upper right corner of any screen.
CA Technologies published the following solutions to address the vulnerabilities.
CA PPM 15.3:
Apply 15.3.Cumulative Patch 3 (22.214.171.124) or later.
CA PPM 15.2:
Apply 15.2 Cumulative Patch 6 (126.96.36.199) or later.
CA PPM 14.3 and below:
As you plan your upgrade to the latest release, please feel free to contact CA Technologies Support should you have any questions.
CVE-2018-13822 - CA PPM unencrypted SSL password
CVE-2018-13823 - CA PPM XXE in XOG info disclosure
CVE-2018-13824 - CA PPM SQL injection
CVE-2018-13825 - CA PPM gridExcelExport Reflected XSS
CVE-2018-13826 - CA PPM XXE in XOG SSRF
CVE-2018-13822 - Piotr Domirski
CVE-2018-13823 - Piotr Domirski
CVE-2018-13824 - Piotr Domirski
CVE-2018-13825 - Piotr Domirski
CVE-2018-13826 - Piotr Domirski
Version 1.0: 2018-08-29 - Initial Release
CA customers may receive product alerts and advisories by subscribing to Proactive Notifications.
Customers who require additional information about this notice may contact CA Technologies Support at http://support.ca.com/.
To report a suspected vulnerability in a CA Technologies product, please send a summary to the CA Technologies Product Vulnerability Response Team.