Unauthorized Data Access Vulnerability in Oracle Agile PLM
CVE-2017-10308

3.5LOW

Key Information:

Vendor: Oracle
Status: Agile Plm Framework
Vendor: CVE Published:; 19 October 2017

What is CVE-2017-10308?

An exploit in Oracle Agile PLM can allow unauthorized physical access, leading to unauthorized updates, deletions, or reads of sensitive data. This vulnerability impacts versions 9.3.5 and 9.3.6 and poses risks to data integrity and confidentiality.

Affected Version(s)

Agile PLM Framework 9.3.5

Agile PLM Framework 9.3.6

References

http://www.securityfocus.com/bid/101379

vdb-entryx_refsource_BID

http://www.oracle.com/technetwork/security-advisory/cpuoc...

x_refsource_CONFIRM

CVSS V3.1

Score:

3.5

Severity:

LOW

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Physical

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 19, 2017
Vulnerability Reserved
Jun 21, 2017