Oracle has urged its customers to apply the January 2025 Critical Patch Update to address 318 newly discovered security vulnerabilities across its products. The most critical flaw, with a CVSS score of 9.9, affects the Oracle Agile Product Lifecycle Management Framework, enabling low-privileged attackers to potentially take control of affected systems. Oracle has also pointed out that there have been attempted exploits against another flaw in the same framework. Security assurance officers have stressed the importance of applying this update to safeguard against active threats.
Easily exploitable vulnerability allows low privileged attackers with network access via HTTP to compromise Oracle Agile PLM Framework.
Customers are strongly advised to apply the January 2025 Critical Patch Update for Oracle Agile PLM Framework as it includes patches for CVE-2024-21287.
Collection
[
|
...
]