CVSS 3.1 Score 8.2 of 10 (high)


Published Apr 16, 2024
Updated: Apr 17, 2024


CVE-2024-21095 is a vulnerability in the Primavera P6 Enterprise Project Portfolio Management product of Oracle Construction and Engineering. The affected versions include 19.12.0-19.12.22, 20.12.0-20.12.21, 21.12.0-21.12.18, 22.12.0-22.12.12, and 23.12.0-23.12.2. This vulnerability can be easily exploited by an unauthenticated attacker with network access via HTTP, potentially leading to unauthorized access to critical data or complete access to all accessible data in Primavera P6 Enterprise Project Portfolio Management as well as unauthorized modification or deletion of some data within the system's reach.


Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2024-21095 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options