CVE-2025-21565

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Jan 21, 2025

Summary

CVE-2025-21565 is a vulnerability affecting Oracle Agile PLM Framework version 9.3.6 in the Oracle Supply Chain component (Install). This easily exploitable issue enables unauthenticated attackers, with only network access via HTTP, to compromise Oracle Agile PLM Framework. The consequences of a successful attack can range from unauthorized access to critical data to complete control over all accessible data. The vulnerability has a base score of 7.5 (Confidentiality impacts) on the Common Vulnerability Scoring System (CVSS) and falls under the vector (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

Oracle Agile Product Lifecycle Management Framework

Affected Vendors

BonqDAO

Advisories, Assessments, and Mitigations

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Submarine Cables Face Increasing Threats Amid Geopolitical Tensions and Limited Repair Capacity

US Violent Extremists Likely Shifting Focus to Targeted Physical Threats in 2025

DRAT V2: Updated DRAT Emerges in TAG-140’s Arsenal

Know What Matters

For Customers

For Partners