Language:
https://www.oracle.com/security-alerts/cpuapr2024.html
https://www.oracle.com/docs/tech/security-alerts/cpuapr2024csaf.json
Severity: High
ID: 193436
File Name: oracle_primavera_unifier_cpu_apr_2024.nasl
Version: 1.6
Type: remote
Family: CGI abuses
Published: 4/17/2024
Updated: 10/23/2024
Configuration: Enable thorough checks
Supported Sensors: Nessus
Risk Factor: High
Score: 7.4
Risk Factor: High
Base Score: 9
Temporal Score: 7.4
Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C
CVSS Score Source: CVE-2023-50386
Risk Factor: High
Base Score: 8.8
Temporal Score: 8.2
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C
CPE: cpe:/a:oracle:primavera_unifier
Required KB Items: installed_sw/Oracle Primavera Unifier, www/weblogic
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 4/16/2024
Vulnerability Publication Date: 4/16/2024
CISA Known Exploited Vulnerability Due Dates: 10/31/2023
Metasploit (Apache Solr Backup/Restore APIs RCE)
CVE: CVE-2023-44487, CVE-2023-50298, CVE-2023-50386, CVE-2024-25710, CVE-2024-26308
IAVA: 2024-A-0234-S