MFSBGN03793 rev.1 - Project and Portfolio Management Center, Multiple vulnerabilities
CVE-2017-14362

7.3HIGH

Key Information:

Vendor: Micro Focus
Status: Project And Portfolio Management Center
Vendor: CVE Published:; 13 December 2017

🔔 Create Micro Focus Vulnerability Alert

What is CVE-2017-14362?

Cross-Site Request Forgery vulnerability in Micro Focus Project and Portfolio Management Center, version 9.32. This vulnerability could be exploited to allow a Cross-Site Forgery attack.

Affected Version(s)

Project and Portfolio Management Center 9.32

References

http://www.securitytracker.com/id/1040088

vdb-entryx_refsource_SECTRACK

https://softwaresupport.softwaregrp.com/document/-/facets...

x_refsource_CONFIRM

CVSS V3.1

Score:

7.3

Severity:

HIGH

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 13, 2017
Vulnerability Reserved
Sep 12, 2017

Credit

Micro Focus would like to thank Xiaoran Wang for reporting this issue to [email protected]