21Oca
CVE-2025-21558 | Oracle Primavera P6 Enterprise Project Portfolio Management Web Access improper authorization
A vulnerability, which was classified as critical, has been found in Oracle Primavera P6 Enterprise Project Portfolio Management up to 20.12.21.5/21.12.20.0/22.12.1.0. This issue affects some unknown processing of the component Web Access. The manipulation leads to improper authorization. The identification of this vulnerability is CVE-2025-21558. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.