Language:
https://www.oracle.com/docs/tech/security-alerts/cpujan2024csaf.json
https://www.oracle.com/security-alerts/cpujan2024.html#AppendixPVA
Severity: High
ID: 189184
File Name: oracle_primavera_p6_eppm_cpu_jan_2024.nasl
Version: 1.3
Type: remote
Family: CGI abuses
Published: 1/18/2024
Updated: 10/23/2024
Configuration: Enable thorough checks
Supported Sensors: Nessus
Risk Factor: Medium
Score: 5.2
Risk Factor: Medium
Base Score: 6.2
Temporal Score: 4.9
Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:N
CVSS Score Source: CVE-2023-2976
Risk Factor: High
Base Score: 7.1
Temporal Score: 6.4
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C
CPE: cpe:/a:oracle:primavera_p6_enterprise_project_portfolio_management
Required KB Items: installed_sw/Oracle Primavera P6 Enterprise Project Portfolio Management (EPPM), www/weblogic
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 1/16/2024
Vulnerability Publication Date: 1/16/2024
CVE: CVE-2023-2976, CVE-2023-42503, CVE-2023-5072
IAVA: 2024-A-0026-S