Security News > 2024 > November > Oracle patches exploited Agile PLM vulnerability (CVE-2024-21287)

Oracle has released a security patch for CVE-2024-21287, a remotely exploitable vulnerability in the Oracle Agile PLM Framework that is, according to Tenable researchers, being actively exploited by attackers. About CVE-2024-21287 Oracle Agile PLM Framework is an enterprise product lifecycle management solution that enables collaboration between the various teams involved. CVE-2024-21287 affects version 9.3.6 of the Agile PLM Framework – more specifically, the Agile Software Development Kit and the Process Extension components. “This vulnerability is … More → The post Oracle patches exploited Agile PLM vulnerability (CVE-2024-21287) appeared first on Help Net Security.
News URL
https://www.helpnetsecurity.com/2024/11/19/cve-2024-21287/
Related news
- Russian cybercrooks exploiting 7-Zip zero-day vulnerability (CVE-2025-0411) (source)
- CISA Flags Craft CMS Vulnerability CVE-2025-23209 Amid Active Attacks (source)
- Siemens Teamcenter vulnerability could allow account takeover (CVE-2025-23363) (source)
- MITRE Caldera RCE vulnerability with public PoC fixed, patch ASAP! (CVE-2025–27364) (source)
- Meta Warns of FreeType Vulnerability (CVE-2025-27363) With Active Exploitation Risk (source)
- Critical Veeam Backup & Replication RCE vulnerability fixed, patch ASAP! (CVE-2025-23120) (source)
- NAKIVO Backup & Replication vulnerability exploited by attackers (CVE-2024-48248) (source)
- Critical Next.js auth bypass vulnerability opens web apps to compromise (CVE-2025-29927) (source)
- CrushFTP: Patch critical vulnerability ASAP! (CVE-2025-2825) (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-11-18 | CVE-2024-21287 | Incorrect Authorization vulnerability in Oracle Agile Product Lifecycle Management 9.3.6 Vulnerability in the Oracle Agile PLM Framework product of Oracle Supply Chain (component: Software Development Kit, Process Extension). | 7.5 |