Vulnerability in the Oracle Agile Product Lifecycle Management for Process product of Oracle Supply Chain (component: Supplier Portal). The supported version …

Critical vulnerability in Oracle Agile Product Lifecycle Management for Process version 6.2.4 affecting the Supplier Portal component. The vulnerability allows unauthenticated attackers with network access via HTTP to completely compromise the system. This easily exploitable flaw can result in full takeover of the Oracle Agile PLM system. The vulnerability has a CVSS 3.1 Base Score of 9.8, indicating critical severity with high impact on confidentiality, integrity, and availability. The attack vector is network-based with low complexity and requires no privileges or user interaction.