Oracle Agile PLM User and User Group Component Unauthenticated Data Access Vulnerability

Vulnerability

An unauthenticated vulnerability has been identified in Oracle Agile PLM version 9.3.6, within the User and User Group component. This vulnerability allows an attacker with network access to Oracle Agile PLM via HTTP to gain unauthorized access to critical data. Exploitation of this vulnerability could lead to complete access to all data accessible within Oracle Agile PLM.

Impact

Exploitation of this vulnerability could result in unauthorized access to sensitive data or complete access to all data within Oracle Agile PLM that is accessible to the user.

Added: Jan 20, 2026, 11:14 PM

Updated: Jan 20, 2026, 11:14 PM

Vulnerability Rating

Custom Algorithm

spread

1.4

impact

2.5

exploitability

7.0

remediation

0.0

relevance

2.3

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

1.4

impact

2.5

exploitability

7.0

remediation

0.0

relevance

2.3

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Oracle Agile PLM User and User Group Component Unauthenticated Data Access Vulnerability

Vulnerability

Impact

Affected Products

Oracle Agile PLM

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating