CVE-2016-3566 : Unspecified vulnerability in the Primavera P6 Enterprise Project Portfolio Manag

Unspecified vulnerability in the Primavera P6 Enterprise Project Portfolio Management component in Oracle Primavera Products Suite 8.3, 8.4, 15.1, 15.2, and 16.1 allows remote attackers to affect confidentiality and integrity via vectors related to Web access, a different vulnerability than CVE-2016-3568, CVE-2016-3569, CVE-2016-3570, CVE-2016-3571, and CVE-2016-3573.

Published 2016-07-21 10:14:03

Updated 2025-04-12 10:46:41

Source Oracle

View at NVD, CVE.org

Products affected by CVE-2016-3566

Oracle » Primavera P6 Enterprise Project Portfolio Management » Version: 8.4
cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:8.4:*:*:*:*:*:*:*
Matching versions
Oracle » Primavera P6 Enterprise Project Portfolio Management » Version: 8.3
cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:8.3:*:*:*:*:*:*:*
Matching versions
Oracle » Primavera P6 Enterprise Project Portfolio Management » Version: 15.2
cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:15.2:*:*:*:*:*:*:*
Matching versions
Oracle » Primavera P6 Enterprise Project Portfolio Management » Version: 16.1
cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:16.1:*:*:*:*:*:*:*
Matching versions
Oracle » Primavera P6 Enterprise Project Portfolio Management » Version: 15.1
cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:15.1:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2016-3566

EPSS FAQ

0.30%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 50 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2016-3566

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
5.8	MEDIUM	AV:N/AC:M/Au:N/C:P/I:P/A:N	8.6	4.9	NIST
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: None
6.1	MEDIUM	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	2.8	2.7	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: Required Scope: Changed Confidentiality: Low Integrity: Low Availability: None

References for CVE-2016-3566

http://www.securityfocus.com/bid/91787

Oracle July 2016 Critical Patch Update Multiple Vulnerabilities
Third Party Advisory;VDB Entry

CVEs referencing this url
http://www.securityfocus.com/bid/91851

Oracle Primavera Products CVE-2016-3566 Remote Security Vulnerability
http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html

Oracle Critical Patch Update - July 2016
Patch;Vendor Advisory

CVEs referencing this url
http://www.securitytracker.com/id/1036393

Oracle Primavera Products Suite Multiple Flaws Let Remote Users Access and Modify Data and Remote Authenticated Users Gain Elevated Privileges - SecurityTracker

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2016-3566

Products affected by CVE-2016-3566

Exploit prediction scoring system (EPSS) score for CVE-2016-3566

CVSS scores for CVE-2016-3566

References for CVE-2016-3566