EUVD-2023-26054

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

Vulnerability in Oracle Primavera Gateway allows low privileged network attacks, affecting several versions.

Reporter	Title	Published	Views	Family All 10
CNNVD	Oracle Construction and Engineering Suite 安全漏洞	17 Jan 202300:00	–	cnnvd
CVE	CVE-2023-21888	17 Jan 202323:35	–	cve
Cvelist	CVE-2023-21888	17 Jan 202323:35	–	cvelist
NVD	CVE-2023-21888	18 Jan 202300:15	–	nvd
Oracle	Oracle Critical Patch Update Advisory - January 2023	17 Jan 202300:00	–	oracle
Tenable Nessus	Oracle Primavera Gateway (Jan 2023 CPU)	20 Jan 202300:00	–	nessus
Prion	Code injection	18 Jan 202300:15	–	prion
Positive Technologies	PT-2023-1203 · Oracle · Primavera Gateway	17 Jan 202300:00	–	ptsecurity
RedhatCVE	CVE-2023-21888	23 May 202504:19	–	redhatcve
Vulnrichment	CVE-2023-21888	17 Jan 202323:35	–	vulnrichment

[
  {
    "enisaIdVendor": [
      {
        "id": "21c19ca4-6a31-38f4-ba7a-cbfe89606b1b",
        "vendor": {
          "name": "Oracle Corporation"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "3e5540b8-1248-3948-87aa-56dd980318a2",
        "product": {
          "name": "Primavera Gateway"
        },
        "product_version": "18.8.0-18.8.15"
      },
      {
        "id": "7fa642ff-4ada-3620-965a-56b5fd184246",
        "product": {
          "name": "Primavera Gateway"
        },
        "product_version": "21.12.0-21.12.8"
      },
      {
        "id": "8d02c4ca-f37a-3984-a5f6-cc4b5737c356",
        "product": {
          "name": "Primavera Gateway"
        },
        "product_version": "20.12.0-20.12.10"
      },
      {
        "id": "bdb81b18-c9e6-3ce6-8a29-972f287f6792",
        "product": {
          "name": "Primavera Gateway"
        },
        "product_version": "19.12.0-19.12.15"
      }
    ]
  }
]

Source	Link
oracle	www.oracle.com/security-alerts/cpujan2023.html

03 Oct 2025 20:07Current

6.6Medium risk

Vulners AI Score6.6

CVSS 3.15.4

EPSS0.00337

SSVC

vulnerability oracle primavera gateway network attack low privileged access unauthorized data