Oracle Primavera P6 Enterprise Project Portfolio Management (January 2026 CPU)

Published 22 Jan 2026 00:00:00. Reported by Tenable. Type: nessus. Source: www.tenable.com

Oracle Primavera P6 EPPM January 2026 CPU flaws in DOMPurify and CXF enable unauthorized access.

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(294995);
  script_version("1.1");
  script_set_attribute(attribute:"plugin_modification_date", value:"2026/01/22");

  script_cve_id("CVE-2025-26791", "CVE-2025-48734", "CVE-2025-48795");
  script_xref(name:"IAVA", value:"2026-A-0066");

  script_name(english:"Oracle Primavera P6 Enterprise Project Portfolio Management (January 2026 CPU)");

  script_set_attribute(attribute:"synopsis", value:
"The remote host is affected by multiple vulnerabilities");
  script_set_attribute(attribute:"description", value:
"The versions of Primavera P6 Enterprise Project Portfolio Management installed on the remote host are affected by
multiple vulnerabilities as referenced in the January 2026 CPU advisory.

  - Vulnerability in the Primavera P6 Enterprise Project Portfolio Management product of Oracle Construction
    and Engineering (component: Team Member (DOMPurify)). Supported versions that are affected are
    21.12.0.0-21.12.21.5, 22.12.0.0-22.12.20.0, 23.12.0.0-23.12.17.0 and 24.12.0.0-24.12.11.0. Difficult to
    exploit vulnerability allows low privileged attacker with logon to the infrastructure where Primavera P6
    Enterprise Project Portfolio Management executes to compromise Primavera P6 Enterprise Project Portfolio
    Management. Successful attacks require human interaction from a person other than the attacker and while
    the vulnerability is in Primavera P6 Enterprise Project Portfolio Management, attacks may significantly
    impact additional products (scope change). Successful attacks of this vulnerability can result in
    unauthorized update, insert or delete access to some of Primavera P6 Enterprise Project Portfolio
    Management accessible data as well as unauthorized read access to a subset of Primavera P6 Enterprise
    Project Portfolio Management accessible data. (CVE-2025-26791)

  - Vulnerability in the Primavera P6 Enterprise Project Portfolio Management product of Oracle Construction
    and Engineering (component: Integrators (Apache CXF)). Supported versions that are affected are
    22.12.0.0-22.12.20.0, 23.12.0.0-23.12.17.0 and 24.12.0.0-24.12.11.0. Difficult to exploit vulnerability
    allows unauthenticated attacker with network access via HTTP to compromise Primavera P6 Enterprise Project
    Portfolio Management. Successful attacks of this vulnerability can result in unauthorized update, insert
    or delete access to some of Primavera P6 Enterprise Project Portfolio Management accessible data as well
    as unauthorized read access to a subset of Primavera P6 Enterprise Project Portfolio Management accessible
    data and unauthorized ability to cause a partial denial of service (partial DOS) of Primavera P6
    Enterprise Project Portfolio Management. (CVE-2025-48795)

  - Vulnerability in the Primavera P6 Enterprise Project Portfolio Management product of Oracle Construction
    and Engineering (component: Web Access (Apache Commons BeanUtils)). Supported versions that are affected
    are 21.12.0.0-21.12.21.5, 22.12.0.0-22.12.20.0, 23.12.0.0-23.12.17.0 and 24.12.0.0-24.12.6.0. Difficult to
    exploit vulnerability allows unauthenticated attacker with network access via HTTP/2 to compromise
    Primavera P6 Enterprise Project Portfolio Management. Successful attacks of this vulnerability can result
    in unauthorized read access to a subset of Primavera P6 Enterprise Project Portfolio Management accessible
    data. (CVE-2025-48734)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://www.oracle.com/docs/tech/security-alerts/cpujan2026csaf.json");
  script_set_attribute(attribute:"see_also", value:"https://www.oracle.com/security-alerts/cpujan2026.html");
  script_set_attribute(attribute:"solution", value:
"Apply the appropriate patch according to the January 2026 Oracle Critical Patch Update advisory.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2025-26791");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2026/01/20");
  script_set_attribute(attribute:"patch_publication_date", value:"2026/01/20");
  script_set_attribute(attribute:"plugin_publication_date", value:"2026/01/22");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:primavera_p6_enterprise_project_portfolio_management");
  script_set_attribute(attribute:"thorough_tests", value:"true");
  script_set_attribute(attribute:"stig_severity", value:"I");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"CGI abuses");

  script_copyright(english:"This script is Copyright (C) 2026 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("oracle_primavera_p6_eppm.nbin");
  script_require_keys("installed_sw/Oracle Primavera P6 Enterprise Project Portfolio Management (EPPM)");
  script_require_ports("Services/www", 8004);

  exit(0);
}

include('vcf.inc');
include('http.inc');

get_install_count(app_name:'Oracle Primavera P6 Enterprise Project Portfolio Management (EPPM)', exit_if_zero:TRUE);

var port = get_http_port(default:8004);

var app_info = vcf::get_app_info(app:'Oracle Primavera P6 Enterprise Project Portfolio Management (EPPM)', port:port);

var constraints = [
  { 'min_version' : '21.12.0.0', 'fixed_version' : '21.12.21.6' },
  { 'min_version' : '22.12.0.0', 'max_version' : '22.12.20.0', 'fixed_version' : '22.12.21.1' },
  { 'min_version' : '23.12.0.0', 'fixed_version' : '23.12.18.0' },
  { 'min_version' : '24.12.0.0', 'fixed_version' : '24.12.12.0' }
];

vcf::check_version_and_report(
    app_info:app_info,
    constraints:constraints,
    severity:SECURITY_WARNING
);
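As an added example (not part of the plugin or of Tenable's code), the following Python mirrors the version-constraint logic that the plugin's `constraints` array expresses, under assumed semantics: a build is flagged when it is at or above `min_version`, below `fixed_version`, and, where a `max_version` is given, not above it. The constraint values are copied from the plugin; the sample inventory versions are constructed, and the gap the 22.12 `max_version` leaves between 22.12.20.0 and 22.12.21.1 is pointed out in the code.

```python
"""Version-constraint evaluation modelled on the plugin's constraints (added example)."""
from typing import Optional

# Copied from the plugin. The matching semantics below are an assumption modelled on
# how the plugin calls vcf::check_version_and_report, not Tenable's implementation.
CONSTRAINTS = [
    {"min_version": "21.12.0.0", "fixed_version": "21.12.21.6"},
    {"min_version": "22.12.0.0", "max_version": "22.12.20.0", "fixed_version": "22.12.21.1"},
    {"min_version": "23.12.0.0", "fixed_version": "23.12.18.0"},
    {"min_version": "24.12.0.0", "fixed_version": "24.12.12.0"},
]


def parse_version(v: str) -> tuple:
    """Split a dotted version into ints so 22.12.9.0 sorts below 22.12.20.0 (a plain
    string comparison would get this wrong and silently miss vulnerable builds)."""
    return tuple(int(part) for part in v.strip().split("."))


def matching_constraint(version: str) -> Optional[dict]:
    """Return the constraint an installed version falls under, or None if not flagged.

    Assumed rule: min_version <= v < fixed_version, and v <= max_version when present.
    Note the 22.12 entry: a build such as 22.12.20.5 is above max_version but below
    fixed_version, so it is NOT flagged here; treat that range as unverified, not safe.
    """
    v = parse_version(version)
    for c in CONSTRAINTS:
        if v < parse_version(c["min_version"]):
            continue
        if "max_version" in c and v > parse_version(c["max_version"]):
            continue
        if v < parse_version(c["fixed_version"]):
            return c
    return None


def assess(version: str) -> str:
    """Human-readable verdict for one installed version."""
    c = matching_constraint(version)
    if c is None:
        return f"{version}: not flagged"
    return f"{version}: VULNERABLE, upgrade to {c['fixed_version']}"


if __name__ == "__main__":
    # Constructed sample inventory, not real hosts.
    for v in ["21.12.21.5", "21.12.21.6", "22.12.9.0", "22.12.20.5", "24.12.11.0", "24.12.12.0"]:
        print(assess(v))
```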


Scores as of 22 Jan 2026 00:00:
Vulners AI Score: 5.7 (Medium risk)
CVSS 3.1: 6.1 - 8.8
EPSS: 0.01495