Risk | Medium |
Patch available | YES |
Number of vulnerabilities | 4 |
CVE-ID | CVE-2023-20863 CVE-2021-37533 CVE-2022-48285 CVE-2023-1370 |
CWE-ID | CWE-20 CWE-345 CWE-22 CWE-674 |
Exploitation vector | Network |
Public exploit | N/A |
Vulnerable software | Primavera Gateway (Server applications / Application servers) |
Vendor | Oracle |
Security Bulletin
This security bulletin contains information about 4 vulnerabilities.
EUVDB-ID: #VU75409
Risk: Medium
CVSSv4.0: 4.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-20863
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
Description
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input. A remote user can use a specially crafted SpEL expression and perform a denial of service (DoS) attack.
Mitigation
Install the update from the vendor's website.
Vulnerable software versions
Primavera Gateway: 18.8.0 - 21.12.9
CPE2.3
https://www.oracle.com/security-alerts/cpujul2023.html?504241
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU70441
Risk: Low
CVSSv4.0: 0.5 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-37533
CWE-ID:
CWE-345 - Insufficient Verification of Data Authenticity
Exploit availability: No
Description
The vulnerability allows an attacker to redirect the victim to a malicious host.
The vulnerability exists because the application trusts the host from the PASV response by default. A remote attacker can trick the victim into connecting to an attacker-controlled FTP server and then redirect the application to another host.
Mitigation
Install the update from the vendor's website.
Vulnerable software versions
Primavera Gateway: 18.8.0 - 21.12.9
CPE2.3
https://www.oracle.com/security-alerts/cpujul2023.html?504241
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
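The PASV trust issue described for CVE-2021-37533 can be illustrated from the client side. The following is an added example, not code from Oracle or from the affected component: it parses a 227 reply and refuses to use an advertised host that differs from the control connection's peer. The names `parse_pasv`, `data_endpoint` and `PasvError` are hypothetical, and the sample replies are constructed.

```python
import ipaddress
import re

# Address/port tuple of a "227 Entering Passive Mode (h1,h2,h3,h4,p1,p2)" reply.
PASV_RE = re.compile(r"\((\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})\)")

# Constructed sample replies (documentation address ranges), not captured traffic.
HONEST = "227 Entering Passive Mode (192,0,2,10,19,137)"
REDIRECT = "227 Entering Passive Mode (10,0,0,5,0,22)"


class PasvError(ValueError):
    """Raised when a PASV reply is malformed."""


def parse_pasv(reply: str) -> tuple[str, int]:
    """Return the (host, port) advertised in a 227 reply."""
    if not reply.startswith("227"):
        raise PasvError(f"not a 227 reply: {reply!r}")
    m = PASV_RE.search(reply)
    if m is None:
        raise PasvError(f"no address tuple in reply: {reply!r}")
    nums = [int(g) for g in m.groups()]
    if any(n > 255 for n in nums):
        raise PasvError(f"octet out of range in reply: {reply!r}")
    port = nums[4] * 256 + nums[5]
    if port == 0:
        raise PasvError("port 0 is not a usable data port")
    return ".".join(str(n) for n in nums[:4]), port


def data_endpoint(reply: str, control_peer: str) -> tuple[str, int, bool]:
    """Choose the data-connection target for a PASV reply.

    control_peer is the IP address the control connection is actually
    connected to. The data connection always goes to that address; the
    host advertised by the server is only compared against it.
    Returns (host, port, overridden); overridden=True marks a mismatch
    that should be logged.
    """
    advertised, port = parse_pasv(reply)
    peer = ipaddress.ip_address(control_peer)
    overridden = ipaddress.ip_address(advertised) != peer
    return str(peer), port, overridden
```

A mismatch flagged by `overridden` is a useful log event in its own right, since an honest server rarely advertises a host other than the one the client connected to, outside of NAT setups.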
EUVDB-ID: #VU73970
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-48285
CWE-ID:
CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Exploit availability: No
Description
The vulnerability allows a remote attacker to perform directory traversal attacks.
The vulnerability exists due to insufficient sanitization of user-supplied input in the loadAsync() method. A remote attacker can pass a specially crafted ZIP archive to the application and overwrite arbitrary files on the system.
Mitigation
Install the update from the vendor's website.
Vulnerable software versions
Primavera Gateway: 18.8.0 - 21.12.9
CPE2.3
https://www.oracle.com/security-alerts/cpujul2023.html?504241
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU75044
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-1370
CWE-ID:
CWE-674 - Uncontrolled Recursion
Exploit availability: No
Description
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to uncontrolled recursion when processing nested arrays and objects. A remote attacker can pass specially crafted JSON data to the application and perform a denial of service (DoS) attack.
Mitigation
Install the update from the vendor's website.
Vulnerable software versions
Primavera Gateway: 18.8.0 - 21.12.9
CPE2.3
https://www.oracle.com/security-alerts/cpujul2023.html?504241
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.