Oracle warns of Agile PLM file disclosure flaw exploited in attacks
November 19, 2024 at 03:00PM Oracle has addressed a critical unauthenticated file disclosure vulnerability (CVE-2024-21287) in its Agile PLM software, which was exploited as a zero-day. Users are urged to update immediately to prevent unauthorized file access. The flaw was reported by CrowdStrike and has a CVSS score of 7.5. **Meeting Takeaways:** 1. **Vulnerability Identified**: … Read more