A vulnerability classified as very critical was found in Oracle Primavera Unifier up to 19.12. Affected by this vulnerability is some unknown functionality of the component Core. The manipulation with an unknown input leads to a information disclosure vulnerability. The CWE definition for the vulnerability is CWE-200. As an impact it is known to affect confidentiality, and integrity. The summary by CVE is:

Apache Ant 1.1 to 1.9.14 and 1.10.0 to 1.10.7 uses the default temporary directory identified by the Java system property java.io.tmpdir for several tasks and may thus leak sensitive information. The fixcrlf and replaceregexp tasks also copy files from the temporary directory back into the build tree allowing an attacker to inject modified source files into the build process.

The weakness was disclosed 07/15/2020 as Oracle Critical Patch Update Advisory - July 2020 as confirmed advisory (Website). It is possible to read the advisory at oracle.com. This vulnerability is known as CVE-2020-1945 since 12/02/2019. The attack can be launched remotely. The exploitation doesn't need any form of authentication. The technical details are unknown and an exploit is not publicly available. The pricing for an exploit might be around USD $5k-$25k at the moment (estimation calculated on 10/31/2020).

We expect the 0-day to have been worth approximately $25k-$100k.

Upgrading eliminates this vulnerability. A possible mitigation has been published immediately after the disclosure of the vulnerability.

The entries 155289, 158073, 158074 and 158075 are pretty similar.

Productinfoedit

Vendor

• Oracle

Name

• Primavera Unifier

CPE 2.3infoedit

• 🔒
• 🔒
• 🔒

CPE 2.2infoedit

• 🔒
• 🔒
• 🔒

CVSSv3infoedit

CVSSv2infoedit

Exploitinginfoedit

Threat Intelligenceinfoedit

Countermeasuresinfoedit

Timelineinfoedit

Sourcesinfoedit

Entryinfoedit

Comments