Agile Product Lifecycle Management Framework Oracle Agile Product Lifecycle Management Framework

Do you want an email whenever new security vulnerabilities are reported in Oracle Agile Product Lifecycle Management Framework?

By the Year

In 2022 there have been 0 vulnerabilities in Oracle Agile Product Lifecycle Management Framework . Agile Product Lifecycle Management Framework did not have any published security vulnerabilities last year.

Year Vulnerabilities Average Score
2022 0 0.00
2021 0 0.00
2020 1 6.10
2019 1 7.50
2018 2 6.10

It may take a day or so for new Agile Product Lifecycle Management Framework vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Oracle Agile Product Lifecycle Management Framework Security Vulnerabilities

Vulnerability in the Oracle Agile PLM product of Oracle Supply Chain (component: Security)

CVE-2020-2920 6.1 - Medium - April 15, 2020

Vulnerability in the Oracle Agile PLM product of Oracle Supply Chain (component: Security). Supported versions that are affected are 9.3.3, 9.3.5 and 9.3.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Agile PLM. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Agile PLM, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Agile PLM accessible data as well as unauthorized read access to a subset of Oracle Agile PLM accessible data. CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).

A Server Side Request Forgery (SSRF) vulnerability affected the Apache Axis 1.4 distribution that was last released in 2006

CVE-2019-0227 7.5 - High - May 01, 2019

A Server Side Request Forgery (SSRF) vulnerability affected the Apache Axis 1.4 distribution that was last released in 2006. Security and bug commits commits continue in the projects Axis 1.x Subversion repository, legacy users are encouraged to build from source. The successor to Axis 1.x is Axis2, the latest version is 1.7.9 and is not vulnerable to this issue.

XSPA

Apache Axis 1.x up to and including 1.4 is vulnerable to a cross-site scripting (XSS) attack in the default servlet/services.

CVE-2018-8032 6.1 - Medium - August 02, 2018

Apache Axis 1.x up to and including 1.4 is vulnerable to a cross-site scripting (XSS) attack in the default servlet/services.

XSS

Vulnerability in the Oracle Agile PLM component of Oracle Supply Chain Products Suite (subcomponent: Security)

CVE-2018-2609 6.1 - Medium - January 18, 2018

Vulnerability in the Oracle Agile PLM component of Oracle Supply Chain Products Suite (subcomponent: Security). Supported versions that are affected are 9.3.5 and 9.3.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Agile PLM. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Agile PLM, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Agile PLM accessible data as well as unauthorized read access to a subset of Oracle Agile PLM accessible data. CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Oracle Agile Product Lifecycle Management Framework or by Oracle? Click the Watch button to subscribe.

Oracle
Vendor

subscribe