web analytics

Oracle Patches Critical Flaw in Identity Manager

By Eduard Kovacs on October 30, 2017
 

Oracle informed customers on Friday that its Identity Manager product is affected by a critical vulnerability that can be easily exploited by malicious actors.

 

Part of the company’s Oracle Fusion Middleware offering, Identity Manager is an enterprise identity management system that automatically manages user access privileges across all of the organization’s resources.

 

Oracle Identity Manager is affected by a flaw that allows an unauthenticated attacker with access to the network to take control of the product. The security hole exists due to a default account that can be accessed over HTTP.

 

The vulnerability, tracked as CVE-2017-10151 and assigned a CVSS score of 10, has been described by Oracle as easy to exploit without any user interaction.

 

Full Article.

Take a look at the best antivirus, anti-malware, anti-spy, etc. software

Powered by WPeMatico