根据Oracle发布的安全公告，这一漏洞出现在系统框架9.3.6版本中，如果被黑客利用，将允许他们通过HTTP连接PLM系统，在无需身份验证的情况下远程获取系统内部文件管理存储权限，从而导致机密文件泄露的风险增加。

The patch fixes a bug tracked as CVE-2024-21287, with a designated severity score of 7.5 (high). It is remotely exploitable ...

SAP PLM——SAP 提供一套 PLM 应用程序来支持整个供应链的产品创新、开发和协作。 Oracle Agile PLM——Oracle 的 Agile PLM 提供了用于在整个产品生命周期内管理产品信息、协作和合规性的工具。 Infor CloudSuite PLM——Infor 的 PLM 解决方案旨在帮助公司高效地管理其产品 ...

Oracle is warning that a high-severity security flaw impacting the Agile Product Lifecycle Management (PLM) Framework has ...

Oracle reports patching a security flaw in Agile PLM The bug was being exploited in the wild to steal files More than 1,000 companies could be vulnerable Oracle has fixed a vulnerability in its ...

Oracle has fixed an unauthenticated file disclosure flaw in Oracle Agile Product Lifecycle Management (PLM) tracked as ...

Oracle has fixed an unauthenticated file disclosure flaw in Oracle Agile Product Lifecycle Management (PLM) tracked as CVE-2024-21287, which was actively exploited as a zero-day to download files.

Oracle has patched a high-severity information disclosure zero-day in Agile PLM that has been exploited in the wild.

Oracle has released a security update out of sequence due to ongoing attacks on Oracle Agile Product Lifecycle Management.