Vulnerability in the Oracle Agile PLM Framework product of Oracle Supply Chain (component: SDK-Software Development Kit).   The supported version that is affected is 9.3.6. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Agile PLM Framework.  Successful attacks of this vulnerability can result in  unauthorized access to critical data or complete access to all Oracle Agile PLM Framework accessible data. CVSS 3.1 Base Score 6.5 (Confidentiality impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).
                
            Metrics
Affected Vendors & Products
References
        | Link | Providers | 
|---|---|
| https://www.oracle.com/security-alerts/cpujan2025.html |     | 
History
                    Tue, 29 Apr 2025 20:45:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| First Time appeared | Oracle agile Product Lifecycle Management | |
| CPEs | cpe:2.3:a:oracle:agile_product_lifecycle_management:9.3.6:*:*:*:*:*:*:* | |
| Vendors & Products | Oracle agile Product Lifecycle Management | 
Fri, 31 Jan 2025 21:15:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| Weaknesses | CWE-863 | |
| Metrics | ssvc 
 | 
Tue, 21 Jan 2025 21:00:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| Description | Vulnerability in the Oracle Agile PLM Framework product of Oracle Supply Chain (component: SDK-Software Development Kit). The supported version that is affected is 9.3.6. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Agile PLM Framework. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Agile PLM Framework accessible data. CVSS 3.1 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N). | |
| First Time appeared | Oracle Oracle agile Plm Framework | |
| CPEs | cpe:2.3:a:oracle:agile_plm_framework:9.3.6:*:*:*:*:*:*:* | |
| Vendors & Products | Oracle Oracle agile Plm Framework | |
| References |  | |
| Metrics | cvssV3_1 
 | 
 MITRE
                        MITRE
                    Status: PUBLISHED
Assigner: oracle
Published: 2025-01-21T20:53:20.101Z
Updated: 2025-01-31T20:58:10.757Z
Reserved: 2024-12-24T23:18:54.781Z
Link: CVE-2025-21560
 Vulnrichment
                        Vulnrichment
                    Updated: 2025-01-22T16:10:12.513Z
 NVD
                        NVD
                    Status : Analyzed
Published: 2025-01-21T21:15:22.793
Modified: 2025-04-29T20:00:33.697
Link: CVE-2025-21560
 Redhat
                        Redhat
                    No data.