{"vulnerability": "CVE-2024-21287", "sightings": [{"uuid": "17671c11-52e6-44d1-9de8-b0cad4afaf11", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21287", "type": "seen", "source": "https://infosec.exchange/users/edwardk/statuses/113511794640613423", "content": "", "creation_timestamp": "2024-11-19T21:42:10.834703Z"}, {"uuid": "f8a9038d-c4d8-46df-869e-3a81ad785d37", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-21287", "type": "seen", "source": "https://infosec.exchange/users/edwardk/statuses/113510272474706897", "content": "", "creation_timestamp": "2024-11-19T15:15:04.433958Z"}, {"uuid": "463e96a4-8680-4ac5-a180-5b43433f2431", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21287", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113511424220768349", "content": "", "creation_timestamp": "2024-11-19T20:07:59.142694Z"}, {"uuid": "458b676b-dffb-4f2b-a014-a338911998b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21287", "type": "seen", "source": "https://infosec.exchange/users/jbhall56/statuses/113515564339510109", "content": "", "creation_timestamp": "2024-11-20T13:40:51.971482Z"}, {"uuid": "16928e6d-345d-43cd-ac4b-e58a3ab5d01c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-21287", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113506140934519890", "content": "", "creation_timestamp": "2024-11-18T21:44:22.445239Z"}, {"uuid": "9320dcb3-01da-4580-bb5a-17f1a508fbfe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21287", "type": "seen", "source": "https://thehackernews.com/2024/11/oracle-warns-of-agile-plm-vulnerability.html", "content": "", "creation_timestamp": "2024-11-20T04:24:00.000000Z"}, {"uuid": "df10b065-20f2-4001-8af0-80c85b5cd4f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21287", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2024-11-21T21:10:02.000000Z"}, {"uuid": "d55fa87f-a482-4c94-a05b-b04dc9f3b8ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21287", "type": "seen", "source": "https://mstdn.ca/users/rfwaveio/statuses/113524221513212196", "content": "", "creation_timestamp": "2024-11-22T02:22:34.067362Z"}, {"uuid": "82cd9f62-3a0f-4f38-a47e-cb3bb21db915", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21287", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113521843358225188", "content": "", "creation_timestamp": "2024-11-21T16:17:42.452365Z"}, {"uuid": "aa5b796a-7035-47f4-9e27-2ea07c790b55", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21287", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2729458", "content": "", "creation_timestamp": "2024-11-21T18:34:14.075865Z"}, {"uuid": "ef1cb71f-c471-4408-85f6-17b595293ef7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21287", "type": "seen", "source": "Telegram/VfNXvTZLNEqWicP3kA9WPIcdljmbCPlbJq4BVBN5ax6E5eg", "content": "", "creation_timestamp": "2024-11-28T10:58:24.000000Z"}, {"uuid": "0de78585-4def-40a2-8db3-5f13850cdfc2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21287", "type": "seen", "source": "MISP/fc16b923-3a13-4e9d-9aac-10a57cac12c7", "content": "", "creation_timestamp": "2025-08-18T18:30:59.000000Z"}, {"uuid": "c42960de-4c1d-4712-a9d8-5883821f5352", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2024-21287", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/0dddae63-7be6-4f8c-8380-286d4e09b714", "content": "", "creation_timestamp": "2026-02-02T12:26:21.022517Z"}, {"uuid": "4bddcfb4-808f-4aa8-bce1-b0bf264bd10b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21287", "type": "exploited", "source": "https://t.me/KomunitiSiber/2892", "content": "Oracle Warns of Agile PLM Vulnerability Currently Under Active Exploitation\nhttps://thehackernews.com/2024/11/oracle-warns-of-agile-plm-vulnerability.html\n\nOracle is warning that a high-severity security flaw impacting the Agile Product Lifecycle Management (PLM) Framework has been exploited in the wild.\nThe vulnerability, tracked as CVE-2024-21287 (CVSS score: 7.5), could be exploited sans authentication to leak sensitive information.\n\"This vulnerability is remotely exploitable without authentication, i.e., it may be exploited over a network", "creation_timestamp": "2024-11-20T08:29:07.000000Z"}, {"uuid": "b12ad51b-a0ec-4d24-a383-f9b36fd6016b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21287", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-174112eb-f97b33dde7c3e5be", "content": "", "creation_timestamp": "2025-03-01T01:45:13.217433Z"}, {"uuid": "8a4e26aa-c446-464f-b674-e719f586f6e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21287", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:11:02.000000Z"}, {"uuid": "9c71b79c-90f4-4e76-bf2e-77767030c0ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21287", "type": "seen", "source": "https://bsky.app/profile/cyberalerts.bsky.social/post/3lv64lem3fz2y", "content": "", "creation_timestamp": "2025-07-30T07:40:15.262731Z"}, {"uuid": "e3a8217d-4975-41c1-9726-ed5334a9d36b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21287", "type": "exploited", "source": "https://t.me/BleepingComputer/21057", "content": "\u200aOracle warns of Agile PLM file disclosure flaw exploited in attacks\n\nOracle has fixed an unauthenticated file disclosure flaw in\u00a0Oracle Agile Product Lifecycle Management (PLM) tracked as CVE-2024-21287, which was actively exploited as a zero-day to download files. [...]\n\nhttps://www.bleepingcomputer.com/news/security/oracle-warns-of-agile-plm-file-disclosure-flaw-exploited-in-attacks/", "creation_timestamp": "2024-11-19T20:49:47.000000Z"}, {"uuid": "fc4781f8-1949-4bea-929c-8e075e3ff51f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21287", "type": "seen", "source": "https://t.me/cvedetector/11407", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-21287 - \"Oracle Agile PLM Framework Software Development Kit Process Extension Remote HTTP Authentication Bypass\"\", \n  \"Content\": \"CVE ID : CVE-2024-21287 \nPublished : Nov. 18, 2024, 10:15 p.m. | 39\u00a0minutes ago \nDescription : Vulnerability in the Oracle Agile PLM Framework product of Oracle Supply Chain (component: Software Development Kit, Process Extension).   The supported version that is affected is 9.3.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Agile PLM Framework.  Successful attacks of this vulnerability can result in  unauthorized access to critical data or complete access to all Oracle Agile PLM Framework accessible data. CVSS 3.1 Base Score 7.5 (Confidentiality impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N). \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-19T00:05:05.000000Z"}, {"uuid": "2ba3191d-4068-492c-a59d-86ba4acdbaf6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21287", "type": "exploited", "source": "Telegram/0Tgv-linri2TD2LQRlryMRX0gmQtmIgpiC1bpMG5uWfdbg", "content": "", "creation_timestamp": "2024-11-20T12:32:03.000000Z"}, {"uuid": "cae25a6d-09fa-4788-aff8-338a02f44f5f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21287", "type": "exploited", "source": "https://t.me/thehackernews/5915", "content": "\ud83d\uded1 Urgent Alert: A high-severity vulnerability in Oracle's Agile PLM Framework is actively being exploited. \n \nNo username or password required, CVE-2024-21287 could leak sensitive data without any authentication. \n \nRead the full advisory \u2014 https://thehackernews.com/2024/11/oracle-warns-of-agile-plm-vulnerability.html", "creation_timestamp": "2024-11-20T05:27:18.000000Z"}]}