Authentication Bypass Vulnerability in Oracle Primavera Unifier
CVE-2018-2968

6.5MEDIUM

Key Information:

Vendor

Oracle
Status
Primavera Unifier
Vendor
CVE Published:
18 July 2018

What is CVE-2018-2968?

An authentication bypass vulnerability exists within the Primavera Unifier component of Oracle's Construction and Engineering Suite. This vulnerability allows an unauthenticated attacker with network access via HTTP to compromise the application's security. Exploitation of this vulnerability necessitates human interaction from a user who is not the attacker. Successful exploitation can lead to unauthorized actions, including the creation, deletion, or alteration of critical data, thereby putting all data accessible through Primavera Unifier at significant risk.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.oracle.com/technetwork/security-advisory/cpuju...
x_refsource_CONFIRM
http://www.securityfocus.com/bid/104823
vdb-entryx_refsource_BID

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.