Vulnerability in Oracle Agile Product Lifecycle Management for Process Component

CVE-2024-21092

Summary

A vulnerability has been identified within the Oracle Agile Product Lifecycle Management for Process, specifically in the Product Quality Management component. The supported version affected is 6.2.4.2. This weakness is characterized by its ease of exploitation, allowing an attacker with low privileges and network access through HTTP to gain unauthorized control over sensitive information. If exploited, this flaw could enable the attacker to create, delete, or modify critical data within the system, undermining both the integrity and confidentiality of all accessible data within Oracle Agile Product Lifecycle Management for Process. Organizations utilizing this product are encouraged to review their security measures and apply necessary patches or mitigations as outlined in the Oracle Security Advisory.

References