CVE-2025-21558

🗓️ 21 Jan 2025 20:53:19Reported by oracleType

CVE-2025-21558 details a vulnerability affecting system security components.

Reporter	Title	Published	Views	Family All 11
BDU FSTEC	The vulnerability of the Web Access component of the Oracle Primavera P6 Enterprise Project Portfolio Management application allows a attacker to gain read access to data or modify data.	10 Feb 202500:00	–	bdu_fstec
Circl	CVE-2025-21558	21 Jan 202521:01	–	circl
CNNVD	Oracle Construction and Engineering Suite 安全漏洞	21 Jan 202500:00	–	cnnvd
Cvelist	CVE-2025-21558	21 Jan 202520:53	–	cvelist
EUVD	EUVD-2025-2547	3 Oct 202520:07	–	euvd
NVD	CVE-2025-21558	21 Jan 202521:15	–	nvd
Oracle	Oracle Critical Patch Update Advisory - January 2025	21 Jan 202500:00	–	oracle
Tenable Nessus	Oracle Primavera P6 Enterprise Project Portfolio Management (January 2025 CPU)	23 Jan 202500:00	–	nessus
OSV	CVE-2025-21558	21 Jan 202521:15	–	osv
RedhatCVE	CVE-2025-21558	23 May 202512:02	–	redhatcve

NVD

Vulners

Node

oracle primavera_p6_enterprise_project_portfolio_managementRange20.12.1.0–20.12.21.5

oracle primavera_p6_enterprise_project_portfolio_managementRange21.12.1.0–21.12.20.0

oracle primavera_p6_enterprise_project_portfolio_managementMatch22.12.1.0

[
  {
    "vendor": "Oracle Corporation",
    "product": "Primavera P6 Enterprise Project Portfolio Management",
    "cpes": [
      "cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:20.12.1.0-20.12.21.5:*:*:*:*:*:*:*",
      "cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:21.12.1.0-21.12.20.0:*:*:*:*:*:*:*",
      "cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:22.12.1.0:*:*:*:*:*:*:*"
    ],
    "versions": [
      {
        "version": "20.12.1.0",
        "status": "affected",
        "lessThanOrEqual": "20.12.21.5",
        "versionType": "custom"
      },
      {
        "version": "21.12.1.0",
        "status": "affected",
        "lessThanOrEqual": "21.12.20.0",
        "versionType": "custom"
      },
      {
        "version": "22.12.1.0",
        "status": "affected"
      }
    ]
  }
]

Source	Link
oracle	www.oracle.com/security-alerts/cpujan2025.html

18 Jun 2025 19:24Current

4.7Medium risk

Vulners AI Score4.7

CVSS 3.15.4

EPSS0.00132

SSVC

CWE-863

cve vulnerability system security