Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2017-10038

EPSS 0.69% · P72
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2017-10038

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Primavera Products Suite (subcomponent: Web Access). Supported versions that are affected are 15.1, 15.2, 16.1 and 16.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Primavera P6 Enterprise Project Portfolio Management. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Primavera P6 Enterprise Project Portfolio Management accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Oracle Primavera P6 Enterprise Project Portfolio Management 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Oracle Primavera Products Suite是美国甲骨文(Oracle)公司的一款项目组合管理解决方案套件产品。Primavera P6 Enterprise Project Portfolio Management(P6 EPPM)是其中的一个用于项目的规划、管理和执行的组件。 Oracle Primavera Products Suite中的Primavera P6 EPPM组件的Web Access子组件存在安全漏洞。远程攻击者可利用该漏洞未授权访问数据,影响数据的保密性。以下版本
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
Oracle CorporationPrimavera P6 Enterprise Project Portfolio Management 15.1 -

II. Public POCs for CVE-2017-10038

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2017-10038

Please Login to view more intelligence information

Same Patch Batch · Oracle Corporation · 2017-08-08 · 239 CVEs total

CVE-2017-10205Oracle Hospitality Simphony 安全漏洞
CVE-2017-10186Oracle iStore 安全漏洞
CVE-2017-10187Oracle VM VirtualBox 安全漏洞
CVE-2017-10188Oracle Hospitality Hotel Mobile 安全漏洞
CVE-2017-10189Oracle Hospitality Suite8 安全漏洞
CVE-2017-10191Oracle Web Analytics 安全漏洞
CVE-2017-10192Oracle iStore 安全漏洞
CVE-2017-10193Oracle Java SE和Java SE Embedded 安全漏洞
CVE-2017-10195Oracle Hospitality Simphony 安全漏洞
CVE-2017-10196Oracle Outside In Technology 安全漏洞
CVE-2017-10198Oracle Java SE、Java SE Embedded和JRockit 安全漏洞
CVE-2017-10199Oracle Learner Pages 安全漏洞
CVE-2017-10200Oracle Hospitality e7 安全漏洞
CVE-2017-10202Oracle Database Server 安全漏洞
CVE-2017-10204Oracle VM VirtualBox 安全漏洞
CVE-2017-10216Oracle Hospitality Property Interfaces 安全漏洞
CVE-2017-10213Oracle Hospitality Suite8 安全漏洞
CVE-2017-10214Oracle Retail Xstore Point of Service 安全漏洞
CVE-2017-10215Oracle PeopleSoft Enterprise PRTL Interaction Hub 安全漏洞
CVE-2017-10218Oracle Hospitality Guest Access 安全漏洞

Showing top 20 of 239 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: Primavera P6 Enterprise Project Portfolio Management
Same vendor: Oracle Corporation

V. Comments for CVE-2017-10038

No comments yet

Leave a comment