Oracle Agile PLM Framework Vulnerability in Integration Services Component Allowing Data Access and Denial-of-Service

Vulnerability

A vulnerability exists in Oracle Agile PLM Framework, specifically within the Agile Integration Services component, version 9.3.6. This easily exploitable issue allows a low-privileged attacker with network access via HTTP to compromise the Agile PLM Framework. Successful exploitation can lead to unauthorized access to critical data or complete access to all data within the Agile PLM Framework, as well as the ability to cause a complete denial-of-service by hanging the application or causing it to crash frequently and repeatably.

Impact

Exploitation of this vulnerability can result in unauthorized access to sensitive data or all accessible data within Oracle Agile PLM Framework, along with the ability to cause a complete denial-of-service by repeatedly crashing the application or causing it to hang.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

5.0

exploitability

4.9

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

5.0

exploitability

4.9

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Oracle Agile PLM Framework Vulnerability in Integration Services Component Allowing Data Access and Denial-of-Service

Vulnerability

Impact

Affected Products

Oracle Agile PLM Framework

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating