CPE-2BE1E0BF-8CCC-4DDA-9F79-2A79C1113091 Detail

CPE Details

Oracle Primavera P6 Enterprise Project Portfolio Management 16.2.20

Vendor

oracle

Product

primavera_p6_enterprise_project_portfolio_management

Version

16.2.20

Created

2021-09-03
11h39 +00:00

Modified

2021-09-07
13h50 +00:00

Official links

CPE NVD

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Notifications manage

List of Notifications

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Parameters

You can specify a title that will be retrieved in the alerts that will be sent out.

CPE ID

Planning

Month

Next run calculation

Day

Weekday

Hour

Minute

Creation date

Last execution

Next execution

Functionality requiring a connection

This feature, which allows you to receive alerts, is only active when you are logged into your account.

CPE Name: cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:16.2.20:::::::*

Informations

Vendor

oracle

Product

primavera_p6_enterprise_project_portfolio_management

Version

16.2.20

Related CVE

Open and find in CVE List

CVE ID	Published	Description	Score	Severity
CVE-2020-5421	2020-09-19 03h45 +00:00	In Spring Framework versions 5.2.0 - 5.2.8, 5.1.0 - 5.1.17, 5.0.0 - 5.0.18, 4.3.0 - 4.3.28, and older unsupported versions, the protections against RFD attacks from CVE-2015-5211 may be bypassed depending on the browser used through the use of a jsessionid path parameter.	6.5	Medium
CVE-2020-14653	2020-07-15 15h34 +00:00	Vulnerability in the Primavera P6 Enterprise Project Portfolio Management product of Oracle Construction and Engineering (component: Web Access). Supported versions that are affected are 16.1.0.0-16.2.20.1, 17.1.0.0-17.12.17.1 and 18.1.0.0-18.8.18.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Primavera P6 Enterprise Project Portfolio Management. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Primavera P6 Enterprise Project Portfolio Management accessible data as well as unauthorized read access to a subset of Primavera P6 Enterprise Project Portfolio Management accessible data. CVSS 3.1 Base Score 5.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N).	5.4	Medium
CVE-2020-10683	2020-05-01 16h55 +00:00	dom4j before 2.0.3 and 2.1.x before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attacks. However, there is popular external documentation from OWASP showing how to enable the safe, non-default behavior in any application that uses dom4j.	9.8	Critical
CVE-2018-1000632	2018-08-20 17h00 +00:00	dom4j version prior to version 2.1.1 contains a CWE-91: XML Injection vulnerability in Class: Element. Methods: addElement, addAttribute that can result in an attacker tampering with XML documents through XML injection. This attack appear to be exploitable via an attacker specifying attributes or elements in the XML document. This vulnerability appears to have been fixed in 2.1.1 or later.	7.5	High

Oracle Primavera P6 Enterprise Project Portfolio Management 16.2.20

CPE Details

CPE Name: cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:16.2.20:*:*:*:*:*:*:*

Informations

Vendor

Product

Version

Related CVE

CPE Name: cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:16.2.20:::::::*