CVE-2018-2968

N/A

Vulnerability in the Primavera Unifier component of Oracle Construction and Engineering Suite (subcomponent: Core). Supported versions that are affected are 16.x, 17.x and 18.x. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Primavera Unifier. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Primavera Unifier accessible data. CVSS 3.0 Base Score 6.5 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N).

N/A

N/A

Oracle Construction and Engineering Suite Primavera Unifier组件安全漏洞

Oracle Construction and Engineering Suite是美国甲骨文（Oracle）公司的一款使用与建筑项目的组合管理解决方案套件产品。Primavera Unifier是其中的一个完整的项目生命周期管理解决方案组件。 Oracle Construction and Engineering Suite中的Primavera Unifier 16.x版本、17.x版本和18.x版本组件的Core子组件存在安全漏洞。攻击者可利用该漏洞未授权创建、删除或修改数据，影响数据的完整性。

N/A

N/A