CVE-2018-2620

Name of the Vulnerable Software and Affected Versions Primavera Unifier versions 10.x through 17.x

Description The issue allows a low-privileged attacker with network access via HTTP to compromise Primavera Unifier. Successful attacks can result in unauthorized creation, deletion, or modification access to critical data or all Primavera Unifier accessible data, as well as unauthorized access to critical data or complete access to all Primavera Unifier accessible data.

Recommendations For versions 10.x through 17.x, update to a version that includes a fix for this issue to prevent unauthorized access and modifications to critical data.