CVE-2024-21287

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Nov 18, 2024
Updated: Nov 29, 2024
CWE ID 863

Summary

CVE-2024-21287 is a vulnerability affecting the Oracle Agile PLM Framework component of Oracle Supply Chain's Software Development Kit (SDK) in version 9.3.6. This easily exploitable issue enables unauthenticated attackers with network access via HTTP to compromise the Oracle Agile PLM Framework. Successful exploitation may grant an attacker unauthorized access to critical data or complete access to all Oracle Agile PLM Framework data. The Base Score of this vulnerability, according to the Common Vulnerability Scoring System (CVSS), is 7.5, with a high impact on confidentiality.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share