CVSS: 5.4EPSS: 1%CPEs: 5EXPL: 2CVE-2017-10046 – Oracle Primavera P6 Enterprise Project Portfolio Management - HTTP Response Splitting
https://notcve.org/view.php?id=CVE-2017-10046
08 Aug 2017 — Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Primavera Products Suite (subcomponent: Web Access). Supported versions that are affected are 8.3, 8.4, 15.1, 15.2 and 16.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Primavera P6 Enterprise Project Portfolio Management. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Primavera P6 En... • https://packetstorm.news/files/id/146437 • CWE-269: Improper Privilege Management •
CVSS: 4.3EPSS: 0%CPEs: 6EXPL: 0CVE-2017-10160
https://notcve.org/view.php?id=CVE-2017-10160
08 Aug 2017 — Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Primavera Products Suite (subcomponent: Web Access). Supported versions that are affected are 8.3, 8.4, 15.1, 15.2, 16.1 and 16.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Primavera P6 Enterprise Project Portfolio Management. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Primavera P6 Enterprise Project... • http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0CVE-2017-10131
https://notcve.org/view.php?id=CVE-2017-10131
08 Aug 2017 — Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Primavera Products Suite (subcomponent: Web Access). Supported versions that are affected are 8.3, 8.4, 15.1, 15.2, 16.1 and 16.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Primavera P6 Enterprise Project Portfolio Management. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Primavera... • http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html •
CVSS: 9.9EPSS: 1%CPEs: 6EXPL: 0CVE-2017-3503
https://notcve.org/view.php?id=CVE-2017-3503
24 Apr 2017 — Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Primavera Products Suite (subcomponent: Web Access (Apache Commons BeanUtils)). Supported versions that are affected are 8.3, 8.4, 15.1, 15.2, 16.1 and 16.2. Easily "exploitable" vulnerability allows low privileged attacker with network access via HTTP to compromise Primavera P6 Enterprise Project Portfolio Management. While the vulnerability is in Primavera P6 Enterprise Project Portfolio Management, attacks may s... • http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html •
CVSS: 6.1EPSS: 0%CPEs: 6EXPL: 0CVE-2017-3579
https://notcve.org/view.php?id=CVE-2017-3579
24 Apr 2017 — Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Primavera Products Suite (subcomponent: Web Access). Supported versions that are affected are 8.3, 8.4, 15.1, 15.2, 16.1 and 16.2. Easily "exploitable" vulnerability allows unauthenticated attacker with network access via HTTP to compromise Primavera P6 Enterprise Project Portfolio Management. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Primav... • http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html •
CVSS: 8.1EPSS: 0%CPEs: 6EXPL: 0CVE-2017-3583
https://notcve.org/view.php?id=CVE-2017-3583
24 Apr 2017 — Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Primavera Products Suite (subcomponent: Web Access). Supported versions that are affected are 8.3, 8.4, 15.1, 15.2, 16.1 and 16.2. Easily "exploitable" vulnerability allows unauthenticated attacker with network access via HTTP to compromise Primavera P6 Enterprise Project Portfolio Management. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerabilit... • http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html •
CVSS: 8.1EPSS: 0%CPEs: 7EXPL: 0CVE-2017-3263
https://notcve.org/view.php?id=CVE-2017-3263
27 Jan 2017 — Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Primavera Products Suite (subcomponent: Team Member). Supported versions that are affected are 8.2, 8.3, 8.4, 15.1, 15.2, 16.1 and 16.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Primavera P6 Enterprise Project Portfolio Management. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critica... • http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html •
CVSS: 10.0EPSS: 2%CPEs: 7EXPL: 0CVE-2017-3324
https://notcve.org/view.php?id=CVE-2017-3324
27 Jan 2017 — Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Primavera Products Suite (subcomponent: Web Access). Supported versions that are affected are 8.2, 8.3, 8.4, 15.1, 15.2, 16.1 and 16.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Primavera P6 Enterprise Project Portfolio Management. While the vulnerability is in Primavera P6 Enterprise Project Portfolio Management, attacks may significantly impact add... • http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2016-5533
https://notcve.org/view.php?id=CVE-2016-5533
25 Oct 2016 — Unspecified vulnerability in the Primavera P6 Enterprise Project Portfolio Management component in Oracle Primavera Products Suite 8.4, 15.x, and 16.x allows remote authenticated users to affect confidentiality and integrity via unknown vectors. Vulnerabilidad no especificada en el componente Primavera P6 Enterprise Project Portfolio Management en Oracle Primavera Products Suite 8.4, 15.x y 16.x permite a usuarios remotos autenticados afectar la confidencialidad y la integridad a través de vectores desconoc... • http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html • CWE-284: Improper Access Control •
CVSS: 9.0EPSS: 5%CPEs: 36EXPL: 0CVE-2016-0635
https://notcve.org/view.php?id=CVE-2016-0635
21 Jul 2016 — Unspecified vulnerability in the Enterprise Manager Ops Center component in Oracle Enterprise Manager Grid Control 12.1.4, 12.2.2, and 12.3.2; the Oracle Health Sciences Information Manager component in Oracle Health Sciences Applications 1.2.8.3, 2.0.2.3, and 3.0.1.0; the Oracle Healthcare Master Person Index component in Oracle Health Sciences Applications 2.0.12, 3.0.0, and 4.0.1; the Oracle Documaker component in Oracle Insurance Applications before 12.5; the Oracle Insurance Calculation Engine componen... • http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html •