Vulnerability in Primavera Gateway Component of Oracle Primavera Products Suite
CVE-2017-3508

9.1CRITICAL

Key Information:

Vendor

Oracle
Status
Primavera Gateway
Vendor
CVE Published:
24 April 2017

What is CVE-2017-3508?

A vulnerability found in the Primavera Gateway component of the Oracle Primavera Products Suite allows high privileged attackers with network access to exploit the system via HTTP. This weakness can lead to the complete takeover of the Primavera Gateway, potentially affecting additional products within the suite. It is crucial for users of affected versions (1.0, 1.1, 14.2, 15.1, 15.2, 16.1, and 16.2) to apply security updates promptly to mitigate the risks associated with this vulnerability.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Primavera Gateway 1.0

Primavera Gateway 1.1

Primavera Gateway 14.2

References

http://www.oracle.com/technetwork/security-advisory/cpuap...
x_refsource_CONFIRM
http://www.securityfocus.com/bid/97883
vdb-entryx_refsource_BID
http://www.securityfocus.com/bid/97889
vdb-entryx_refsource_BID

CVSS V3.1

Score:
9.1
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.