Security Alert CVE-2024-21287 Released

November 18, 2024 1 minute read

Vice President of Security Assurance

Oracle has just released Security Alert CVE-2024-21287. This vulnerability affects Oracle Agile Product Lifecycle Management (PLM). It was reported as being actively exploited “in the wild” by CrowdStrike. This vulnerability has received a CVSS Base Score of 7.5. If successfully exploited, an unauthenticated perpetrator could download, from the targeted system, files accessible under the privileges used by the PLM application.

Oracle customers should refer to the Security Alert Advisory for information on how to apply the required security patch.

For more information:

Security Alert CVE-2024-21287 is published at https://www.oracle.com/security-alerts/alert-cve-2024-21287.html

Eric Maurice

Vice President of Security Assurance

With over 20 years experience in helping customers deal with securing complex IT systems, responding to cyber incidents, and developing comprehensive security strategies to manage technological risks and meet regulatory requirements, Eric Maurice helps define corporate security assurance policies and programs for Oracle’s on-premises and cloud offerings.

Security Alert CVE-2024-21287 Released

Eric Maurice

Vice President of Security Assurance

October 2024 Critical Patch Update Released

Shine a light on shadow IT

Security Alert CVE-2024-21287 Released

Authors

Eric Maurice

Vice President of Security Assurance

October 2024 Critical Patch Update Released

Shine a light on shadow IT