Security News > 2024 > November > Oracle patches exploited Agile PLM vulnerability (CVE-2024-21287)

Oracle has released a security patch for CVE-2024-21287, a remotely exploitable vulnerability in the Oracle Agile PLM Framework that is, according to Tenable researchers, being actively exploited by attackers. About CVE-2024-21287 Oracle Agile PLM Framework is an enterprise product lifecycle management solution that enables collaboration between the various teams involved. CVE-2024-21287 affects version 9.3.6 of the Agile PLM Framework – more specifically, the Agile Software Development Kit and the Process Extension components. “This vulnerability is … More → The post Oracle patches exploited Agile PLM vulnerability (CVE-2024-21287) appeared first on Help Net Security.
News URL
https://www.helpnetsecurity.com/2024/11/19/cve-2024-21287/
Related news
- MITRE Caldera RCE vulnerability with public PoC fixed, patch ASAP! (CVE-2025–27364) (source)
- Meta Warns of FreeType Vulnerability (CVE-2025-27363) With Active Exploitation Risk (source)
- Critical Veeam Backup & Replication RCE vulnerability fixed, patch ASAP! (CVE-2025-23120) (source)
- NAKIVO Backup & Replication vulnerability exploited by attackers (CVE-2024-48248) (source)
- Critical Next.js auth bypass vulnerability opens web apps to compromise (CVE-2025-29927) (source)
- CrushFTP: Patch critical vulnerability ASAP! (CVE-2025-2825) (source)
- Attackers are targeting CrushFTP vulnerability with public PoC (CVE-2025-2825) (source)
- Ivanti VPN customers targeted via unrecognized RCE vulnerability (CVE-2025-22457) (source)
- WhatsApp vulnerability could be used to infect Windows users with malware (CVE-2025-30401) (source)
- FortiSwitch vulnerability may give attackers control over vulnerable devices (CVE-2024-48887) (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-11-18 | CVE-2024-21287 | Incorrect Authorization vulnerability in Oracle Agile Product Lifecycle Management 9.3.6 Vulnerability in the Oracle Agile PLM Framework product of Oracle Supply Chain (component: Software Development Kit, Process Extension). | 7.5 |