Full Report
Oracle is warning that a high-severity security flaw impacting the Agile Product Lifecycle Management (PLM) Framework has been exploited in the wild. The vulnerability, tracked as CVE-2024-21287 (CVSS score: 7.5), could be exploited sans authentication to leak sensitive information. "This vulnerability is remotely exploitable without authentication, i.e., it may be exploited over a network
Analysis Summary
# Vulnerability: Oracle Agile PLM Unauthenticated File Disclosure
## CVE Details
- CVE ID: CVE-2024-21287
- CVSS Score: 7.5 (High)
- CWE: Not specified in the summary.
## Affected Systems
- Products: Oracle Agile Product Lifecycle Management (PLM) Framework
- Versions: Not specified in the summary, but users are strongly urged to apply the latest patches.
- Configurations: N/A
## Vulnerability Description
The vulnerability is a security flaw within the Oracle Agile PLM Framework that allows an unauthenticated remote attacker to disclose sensitive files from the targeted system. If successfully exploited, the attacker can download files accessible under the privileges of the PLM application.
## Exploitation
- Status: Actively exploited in the wild.
- Complexity: Implied to be low, as it is remotely exploitable without authentication.
- Attack Vector: Network (Remotely exploitable without authentication).
## Impact
- Confidentiality: High (File disclosure)
- Integrity: Minor/Medium (Depends on the files disclosed)
- Availability: Minor/Medium (Depends on system access)
## Remediation
### Patches
- Users are recommended to apply the latest available patches provided by Oracle as soon as possible. (Specific patch version numbers are not detailed in this summary).
### Workarounds
- No specific workarounds were mentioned in the provided text; immediate patching is the primary recommendation.
## Detection
- Detection information or specific Indicators of Compromise (IOCs) related to this active exploitation were not detailed in this summary. Users should monitor for unusual file access or downloads originating from the Agile PLM application service account.
## References
- [Oracle Security Advisory for CVE-2024-21287](https_//www_oracle_com/security-alerts/alert-cve-2024-21287_html)
- [The Hacker News Article](https_//thehackernews_com/2024/11/oracle-warns-of-agile-plm-vulnerability_html)