CISA Known Exploited Vulnerability
This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.
Remediation Deadline: Dec 12, 2024
High
CISA KEVCVE-2024-21287
Oracle—Agile Product Lifecycle Management (PLM)
Oracle Agile Product Lifecycle Management (PLM) contains an incorrect authorization vulnerability in the Process Extension component of the Software Development Kit. Successful exploitation of this vulnerability may result in unauthenticated file disclosure.
Required Action
https://www.oracle.com/security-alerts/alert-cve-2024-21287.html ; https://nvd.nist.gov/vuln/detail/CVE-2024-21287
Vulnerability Overview
- Severity
- High
- CISA KEV
- Yes
- Ransomware
- Unknown
- Published
- Nov 21, 2024
- KEV Added
- Nov 21, 2024
- Due Date
- Dec 12, 2024
- Related Articles
- 0
Vendor
Oracle
Agile Product Lifecycle Management (PLM)