Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-pqm3-2r24-px6q

Опубликовано: 21 янв. 2026
Источник: github
Github: Не прошло ревью
CVSS3: 6.5

Описание

Vulnerability in the Oracle Agile Product Lifecycle Management for Process product of Oracle Supply Chain (component: Product Quality Management). The supported version that is affected is 6.2.4. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Agile Product Lifecycle Management for Process. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Agile Product Lifecycle Management for Process accessible data. CVSS 3.1 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).

Vulnerability in the Oracle Agile Product Lifecycle Management for Process product of Oracle Supply Chain (component: Product Quality Management). The supported version that is affected is 6.2.4. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Agile Product Lifecycle Management for Process. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Agile Product Lifecycle Management for Process accessible data. CVSS 3.1 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).

Ссылки

EPSS

Процентиль: 11%
0.00039
Низкий

6.5 Medium

CVSS3

CVE ID

CVE-2026-21944

Дефекты

CWE-79

Связанные уязвимости

nvd логотип

CVE-2026-21944

CVSS3: 6.5
nvd
18 дней назад

Vulnerability in the Oracle Agile Product Lifecycle Management for Process product of Oracle Supply Chain (component: Product Quality Management). The supported version that is affected is 6.2.4. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Agile Product Lifecycle Management for Process. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Agile Product Lifecycle Management for Process accessible data. CVSS 3.1 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).

fstec логотип

BDU:2026-00995

CVSS3: 6.5
fstec
19 дней назад

Уязвимость компонента Product Quality Management приложения Oracle Agile Product Lifecycle Management for Process, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации

EPSS

Процентиль: 11%
0.00039
Низкий

6.5 Medium

CVSS3

CVE ID

CVE-2026-21944

Дефекты

CWE-79