Multiple vulnerabilities in Primavera P6 Enterprise Project Portfolio Management

1) Improper input validation

EUVDB-ID: #VU29976

Risk: Medium

CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-14653

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote authenticated user to read and manipulate data.

The vulnerability exists due to improper input validation within the Web Access component in Primavera P6 Enterprise Project Portfolio Management. A remote authenticated user can exploit this vulnerability to read and manipulate data.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Primavera P6 Enterprise Project Portfolio Management: 16.1.0.0 - 20.2.0.0

CPE2.3

• cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:16.1.0.0:*:*:*:*:*:*:*
• cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:16.2.0.0:*:*:*:*:*:*:*
• cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:16.2.18.0:*:*:*:*:*:*:*

External links

http://www.oracle.com/security-alerts/cpujul2020.html?3194

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Improper input validation

EUVDB-ID: #VU29975

Risk: Medium

CVSSv3.1: 5.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-14706

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

The vulnerability exists due to improper input validation within the Web Access component in Primavera P6 Enterprise Project Portfolio Management. A remote non-authenticated attacker can exploit this vulnerability to read and manipulate data.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Primavera P6 Enterprise Project Portfolio Management: 17.1.0 - 20.2.0.0

CPE2.3

• cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:17.1.0:*:*:*:*:*:*:*
• cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:17.7.0.0:*:*:*:*:*:*:*
• cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:17.8.0.0:*:*:*:*:*:*:*

External links

http://www.oracle.com/security-alerts/cpujul2020.html?3194

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Improper access control

EUVDB-ID: #VU19218

Risk: Medium

CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-17196

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain unauthorized access to sensitive information.

The vulnerability exists due to improper security restrictions imposed by the affected software. A remote authenticated attacker with write permission on respective topics can send a crafted Produce request that is designed to bypass transaction/idempotent access control list (ACL) validation.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Primavera P6 Enterprise Project Portfolio Management: 19.12.0 - 20.2.0.0

CPE2.3

• cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:19.12.0:*:*:*:*:*:*:*
• cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:19.12.1:*:*:*:*:*:*:*
• cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:19.12.3:*:*:*:*:*:*:*

External links

http://www.oracle.com/security-alerts/cpujul2020.html?3194

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Exposed dangerous method or function

EUVDB-ID: #VU28238

Risk: Medium

CVSSv3.1: 4.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-10683

CWE-ID: CWE-749 - Exposed Dangerous Method or Function

Exploit availability: No

Description

The vulnerability allows a remote attacker to abuse implemented functionality.

The vulnerability exists due to dom4j allows by default external DTDs and External Entities. A remote attacker can abuse this functionality and perform XXE attack against application that uses dom4j default configuration.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Primavera P6 Enterprise Project Portfolio Management: 16.1.0.0 - 20.2.0.0

CPE2.3

• cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:16.1.0.0:*:*:*:*:*:*:*
• cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:16.2.0.0:*:*:*:*:*:*:*
• cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:16.2.18.0:*:*:*:*:*:*:*

External links

http://www.oracle.com/security-alerts/cpujul2020.html?3194

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.