EUVD-2022-26601

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

Vulnerability in Oracle Primavera Portfolio Management Web API allows unauthorized data access by attackers

Reporter	Title	Published	Views	Family All 11
ATTACKERKB	CVE-2022-21377	19 Jan 202212:15	–	attackerkb
Circl	CVE-2022-21377	19 Jan 202214:35	–	circl
CNNVD	Oracle Construction and Engineering Suite 输入验证错误漏洞	19 Jan 202200:00	–	cnnvd
CVE	CVE-2022-21377	19 Jan 202211:26	–	cve
Cvelist	CVE-2022-21377	19 Jan 202211:26	–	cvelist
NCSC	Vulnerabilities fixed in Oracle Construction and Engineering	19 Jan 202200:00	–	ncsc
NVD	CVE-2022-21377	19 Jan 202212:15	–	nvd
Oracle	Oracle Critical Patch Update Advisory - January 2022	18 Jan 202200:00	–	oracle
Prion	Code injection	19 Jan 202212:15	–	prion
RedhatCVE	CVE-2022-21377	22 May 202523:41	–	redhatcve

[
  {
    "enisaIdVendor": [
      {
        "id": "3a9f1c57-0a81-37da-b427-73a1784451e9",
        "vendor": {
          "name": "Oracle Corporation"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "477648dd-4dc1-3400-86fc-1327d7738761",
        "product": {
          "name": "Primavera Portfolio Management"
        },
        "product_version": "19.0.0.0-19.0.1.2"
      },
      {
        "id": "574fb44c-1904-35ea-93b8-1d810f004d0e",
        "product": {
          "name": "Primavera Portfolio Management"
        },
        "product_version": "18.0.0.0-18.0.3.0"
      },
      {
        "id": "a46bee2c-00f7-3314-93b8-8787d9783462",
        "product": {
          "name": "Primavera Portfolio Management"
        },
        "product_version": "20.0.0.0"
      }
    ]
  }
]

Source	Link
oracle	www.oracle.com/security-alerts/cpujan2022.html

03 Oct 2025 20:07Current

6.7Medium risk

Vulners AI Score6.7

CVSS 3.15.4

CVSS 25.8

EPSS0.00567

SSVC