Security Alert CVE-2024-21287 Released

November 18, 2024 | 1 minute read
Eric Maurice
Vice President of Security Assurance
Text Size 100%:

Oracle has just released Security Alert CVE-2024-21287.   This vulnerability affects Oracle Agile Product Lifecycle Management (PLM).  It was reported as being actively exploited “in the wild” by CrowdStrike. This vulnerability has received a CVSS Base Score of 7.5.  If successfully exploited, an unauthenticated perpetrator could download, from the targeted system, files accessible under the privileges used by the PLM application.

Oracle customers should refer to the Security Alert Advisory for information on how to apply the required security patch.

For more information:

Security Alert CVE-2024-21287 is published at https://www.oracle.com/security-alerts/alert-cve-2024-21287.html

Eric Maurice

Vice President of Security Assurance

With over 20 years experience in helping customers deal with securing complex IT systems, responding to cyber incidents, and developing comprehensive security strategies to manage technological risks and meet regulatory requirements, Eric Maurice helps define corporate security assurance policies and programs for Oracle’s on-premises and cloud offerings.

Show more

Previous Post

October 2024 Critical Patch Update Released

Eric Maurice | 3 min read

Next Post


Shine a light on shadow IT

Nancy Kramer | 6 min read
Oracle Chatbot
Disconnected