Security News > 2024 > November > Oracle Warns of Agile PLM Vulnerability Currently Under Active Exploitation
2024-11-20 04:24
Oracle is warning that a high-severity security flaw impacting the Agile Product Lifecycle Management (PLM) Framework has been exploited in the wild. The vulnerability, tracked as CVE-2024-21287 (CVSS score: 7.5), could be exploited sans authentication to leak sensitive information. "This vulnerability is remotely exploitable without authentication, i.e., it may be exploited over a network
News URL
https://thehackernews.com/2024/11/oracle-warns-of-agile-plm-vulnerability.html
Related news
- Oracle patches exploited Agile PLM vulnerability (CVE-2024-21287) (source)
- Critical Zimbra RCE vulnerability under mass exploitation (CVE-2024-45519) (source)
- CISA Warns of Active Exploitation in SolarWinds Help Desk Software Vulnerability (source)
- CISA Warns of Active Exploitation of Microsoft SharePoint Vulnerability (CVE-2024-38094) (source)
- Fortinet Warns of Critical Vulnerability in FortiManager Under Active Exploitation (source)
- CISA Alerts to Active Exploitation of Critical Palo Alto Networks Vulnerability (source)
- PAN-OS Firewall Vulnerability Under Active Exploitation – IoCs and Patch Released (source)
- Oracle warns of Agile PLM file disclosure flaw exploited in attacks (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-18 | CVE-2024-21287 | Vulnerability in the Oracle Agile PLM Framework product of Oracle Supply Chain (component: Software Development Kit, Process Extension). network low complexity | 7.5 |