CVE-2017-3500

Name of the Vulnerable Software and Affected Versions Oracle Primavera Products Suite versions 1.0, 1.1, 14.2, 15.1, 15.2, 16.1, 16.2

Description The issue affects the Primavera Gateway component, allowing a high-privileged attacker with network access via HTTP to compromise it. This can lead to unauthorized access to critical data, complete access to all accessible data, and the ability to cause a hang or crash of the Primavera Gateway, resulting in a denial of service. The vulnerability may also impact additional products.

Recommendations For versions 1.0, 1.1, 14.2, 15.1, 15.2, 16.1, and 16.2, update to a version that includes a fix for this issue to prevent exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.