PT-2025-4285 · Oracle · Oracle Agile PLM Framework

Published: 2025-01-21 · Updated: 2025-01-21 · CVE-2025-21564

CVSS v2.0: 8.5 (High)
Vector: AV:N/AC:L/Au:S/C:C/I:N/A:C

Name of the Vulnerable Software and Affected Versions: Oracle Agile PLM Framework version 9.3.6

Description: The issue allows a low-privileged attacker with network access via HTTP to compromise Oracle Agile PLM Framework, resulting in unauthorized access to critical data or complete access to all Oracle Agile PLM Framework accessible data. Successful attacks can also cause a hang or frequently repeatable crash (complete DoS) of Oracle Agile PLM Framework.

Recommendations: For version 9.3.6, update to a version that fixes this issue, as the current version is vulnerable to unauthorized access and denial-of-service attacks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Incorrect Permission

Weakness Enumeration

Related Identifiers

BDU:2025-01242
CVE-2025-21564

Affected Products

Oracle Agile PLM Framework