Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.ORACLE_PRIMAVERA_GATEWAY_CPU_APR_2021.NASL
HistoryApr 22, 2021 - 12:00 a.m.

Oracle Primavera Gateway (Apr 2021 CPU)

2021-04-2200:00:00
This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
37
JSON

According to its self-reported version number, the Oracle Primavera Unifier installation running on the remote host is 16.2.x, 17.12.x prior to 17.12.11. It is, therefore, affected by multiple vulnerabilities as referenced in the April 2021 CPU advisory.

  • Vulnerability in the Primavera Gateway product of Oracle Construction and Engineering (component: Admin (JCraft JSch)). Supported versions that are affected are 17.12.0-17.12.10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Primavera Gateway. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Primavera Gateway accessible data. (CVE-2016-5725)

  • Vulnerability in the Primavera Gateway product of Oracle Construction and Engineering (component: Admin (Apache Groovy)). Supported versions that are affected are 17.12.0-17.12.10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Primavera Gateway executes to compromise Primavera Gateway. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Primavera Gateway accessible data.
    (CVE-2020-17521)

Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.

##
# (C) Tenable Network Security, Inc.
##

include('compat.inc');

if (description)
{
  script_id(148916);
  script_version("1.4");
  script_set_attribute(attribute:"plugin_modification_date", value:"2022/12/05");

  script_cve_id("CVE-2016-5725", "CVE-2020-17521");
  script_bugtraq_id(93100);
  script_xref(name:"CEA-ID", value:"CEA-2021-0004");
  script_xref(name:"CEA-ID", value:"CEA-2021-0025");

  script_name(english:"Oracle Primavera Gateway (Apr 2021 CPU)");

  script_set_attribute(attribute:"synopsis", value:
"The remote host is affected by multiple vulnerabilities");
  script_set_attribute(attribute:"description", value:
"According to its self-reported version number, the Oracle Primavera Unifier installation running on the remote host
is 16.2.x, 17.12.x prior to 17.12.11. It is, therefore, affected by multiple vulnerabilities as referenced in the
April 2021 CPU advisory.

  - Vulnerability in the Primavera Gateway product of Oracle Construction and Engineering (component: Admin
    (JCraft JSch)). Supported versions that are affected are 17.12.0-17.12.10. Difficult to exploit
    vulnerability allows unauthenticated attacker with network access via HTTP to compromise Primavera
    Gateway. Successful attacks of this vulnerability can result in unauthorized creation, deletion or
    modification access to critical data or all Primavera Gateway accessible data. (CVE-2016-5725)

  - Vulnerability in the Primavera Gateway product of Oracle Construction and Engineering (component: Admin
    (Apache Groovy)). Supported versions that are affected are 17.12.0-17.12.10. Easily exploitable
    vulnerability allows low privileged attacker with logon to the infrastructure where Primavera Gateway
    executes to compromise Primavera Gateway. Successful attacks of this vulnerability can result in
    unauthorized access to critical data or complete access to all Primavera Gateway accessible data.
    (CVE-2020-17521)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://www.oracle.com/a/tech/docs/cpuapr2021cvrf.xml");
  script_set_attribute(attribute:"see_also", value:"https://www.oracle.com/security-alerts/cpuapr2021.html");
  script_set_attribute(attribute:"solution", value:
"Apply the appropriate patch according to the April 2021 Oracle Critical Patch Update advisory.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2016-5725");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2017/01/19");
  script_set_attribute(attribute:"patch_publication_date", value:"2021/03/23");
  script_set_attribute(attribute:"plugin_publication_date", value:"2021/04/22");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:primavera_gateway");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"CGI abuses");

  script_copyright(english:"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("oracle_primavera_gateway.nbin");
  script_require_keys("installed_sw/Oracle Primavera Gateway");
  script_require_ports("Services/www", 8006);

  exit(0);
}

include('vcf.inc');
include('http.inc');

get_install_count(app_name:'Oracle Primavera Gateway', exit_if_zero:TRUE);

var port = get_http_port(default:8006);

var app_info = vcf::get_app_info(app:'Oracle Primavera Gateway', port:port);

vcf::check_granularity(app_info:app_info, sig_segments:2);

var constraints = [
  { 'min_version' : '16.2.0', 'max_version' : '16.2.11', 'fixed_display' : 'Please see vendor advisory' },
  { 'min_version' : '17.12.0', 'fixed_version' : '17.12.11' }
];

vcf::check_version_and_report(
  app_info:app_info,
  constraints:constraints,
  severity:SECURITY_WARNING
);
VendorProductVersionCPE
oracleprimavera_gatewaycpe:/a:oracle:primavera_gateway

Related

nessus 6
github 2
ibm 12
redhatcve 1
suse 1
ubuntucve 2
openvas 4
prion 2
veracode 1
osv 4
archlinux 1
cve 2
debiancve 2
exploitpack 1
debian 2
zdt 1
mageia 1
exploitdb 1
redhat 4
oracle 11
nessus
nessus
openSUSE Security Update : groovy (openSUSE-2020-2367)
2021-01-25 00:00:00
Debian DLA-611-1 : jsch security update
2016-09-06 00:00:00
Debian DLA-2184-1 : jsch security update
2020-04-27 00:00:00
github
github
Information Disclosure in Apache Groovy
2020-12-09 19:03:03
Improper Limitation of a Pathname to a Restricted Directory in JCraft JSch
2022-05-13 01:09:33
ibm
ibm
Security Bulletin: CVE-2020-17521 Apache Groovy's provided extension methods to aid with creating temporary directories was using a now superseded Java JDK method call that is potentiallly not secure in some situations.
2021-09-01 20:04:01
Security Bulletin: Directory traversal vulnerability in JCraft JSch before 0.1.54 on Windows, when the mode is ChannelSftp.OVERWRITE
2021-03-29 21:04:31
Security Bulletin: ITCAM for Transactions affected by the Security vulnerability CVE-2016-5725 found in jsch-0.1.40.jar
2023-08-30 15:25:36
redhatcve
redhatcve
CVE-2020-17521
2021-01-29 10:31:19
suse
suse
Security update for groovy (moderate)
2020-12-31 00:00:00
ubuntucve
ubuntucve
CVE-2020-17521
2020-12-07 00:00:00
CVE-2016-5725
2017-01-19 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2020:3917-1)
2021-06-09 00:00:00
Mageia: Security Advisory (MGASA-2016-0311)
2022-01-28 00:00:00
Debian: Security Advisory (DLA-611-1)
2023-03-08 00:00:00
prion
prion
Code injection
2020-12-07 20:15:00
Directory traversal
2017-01-19 22:59:00
veracode
veracode
Information Disclosure
2020-12-10 02:51:13
osv
osv
CVE-2020-17521
2020-12-07 20:15:12
Information Disclosure in Apache Groovy
2020-12-09 19:03:03
Improper Limitation of a Pathname to a Restricted Directory in JCraft JSch
2022-05-13 01:09:33
archlinux
archlinux
[ASA-202103-14] groovy: privilege escalation
2021-03-25 00:00:00
cve
cve
CVE-2020-17521
2020-12-07 20:15:00
CVE-2016-5725
2017-01-19 22:59:00
debiancve
debiancve
CVE-2020-17521
2020-12-07 20:15:00
CVE-2016-5725
2017-01-19 22:59:00
exploitpack
exploitpack
JCraftJSch Java Secure Channel 0.1.53 - Recursive sftp-get Directory Traversal
2016-09-22 00:00:00
debian
debian
[SECURITY] [DLA 2184-1] jsch security update
2020-04-25 17:25:49
[SECURITY] [DLA 611-1] jsch security update
2016-09-05 18:07:45
zdt
zdt
JCraft / JSch Java Secure Channel 0.1.53 - Recursive sftp-get Directory Traversal
2016-09-22 00:00:00
mageia
mageia
Updated jsch packages fix security vulnerability
2016-09-21 23:38:22
exploitdb
exploitdb
JCraft/JSch Java Secure Channel 0.1.53 - Recursive sftp-get Directory Traversal
2016-09-22 00:00:00
redhat
redhat
(RHSA-2017:3115) Moderate: Red Hat JBoss Fuse/A-MQ 6.3 R5 security and bug fix update
2017-11-02 20:06:29
(RHSA-2021:3207) Moderate: Red Hat Integration Camel Quarkus Tech-Preview 2 security update
2021-08-18 09:50:40
(RHSA-2021:3205) Moderate: Red Hat Integration Camel-K 1.4 release and security update
2021-08-18 09:09:40
oracle
oracle
Oracle Critical Patch Update Advisory - January 2021
2021-01-19 00:00:00
Oracle Critical Patch Update Advisory - April 2021
2021-04-20 00:00:00
Oracle Critical Patch Update Advisory - October 2022
2022-10-18 00:00:00
JSON
Related for ORACLE_PRIMAVERA_GATEWAY_CPU_APR_2021.NASL
nessus6github2ibm12redhatcve1suse1ubuntucve2openvas4prion2veracode1osv4archlinux1cve2debiancve2exploitpack1debian2zdt1mageia1exploitdb1redhat4oracle11