Multiple vulnerabilities in Primavera Unifier



Risk Medium
Patch available YES
Number of vulnerabilities 3
CVE-ID CVE-2024-49771
CVE-2024-57699
CVE-2024-38819
CWE-ID CWE-125
CWE-399
CWE-22
Exploitation vector Network
Public exploit Public exploit code for vulnerability #3 is available.
Vulnerable software
 Primavera Unifier
Client/Desktop applications / Software for system administration

Vendor Oracle

Security Bulletin

This security bulletin contains information about 3 vulnerabilities.

1) Improper input validation

EUVDB-ID: #VU107498

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2024-49771

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to manipulate data.

The vulnerability exists due to improper input validation within the Platform (MPXJ) component in Primavera Unifier. A remote non-authenticated attacker can exploit this vulnerability to manipulate data.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Primavera Unifier: 20.12.0 - 24.12.3

CPE2.3 External links

https://www.oracle.com/security-alerts/cpuapr2025.html?61749


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Resource management error

EUVDB-ID: #VU106926

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2024-57699

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper management of internal resources within the application when handling a specially crafted JSON input. A remote attacker can pass a large number of ’{’ characters to the application and perform a denial of service (DoS) attack.

Note, the vulnerability exists due to incomplete fix for #VU75044 (CVE-2023-1370).

Mitigation

Install update from vendor's website.

Vulnerable software versions

Primavera Unifier: 21.12.0 - 24.12.3

CPE2.3 External links

https://www.oracle.com/security-alerts/cpuapr2025.html?61749


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Path traversal

EUVDB-ID: #VU98796

Risk: Medium

CVSSv4.0: 7.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/U:Green]

CVE-ID: CVE-2024-38819

CWE-ID: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Exploit availability: Yes

Description

The vulnerability allows a remote attacker to perform directory traversal attacks.

The vulnerability exists due to input validation error when processing directory traversal sequences in applications that serve static resources through the functional web frameworks WebMvc.fn or WebFlux.fn. A remote attacker can send a specially crafted HTTP request and read arbitrary files on the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Primavera Unifier: 22.12.0 - 24.12.3

CPE2.3 External links

https://www.oracle.com/security-alerts/cpuapr2025.html?61749


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.



###SIDEBAR###