Oracle has fixed a critical vulnerability in Identity Manager

Oracle has fixed a critical vulnerability in Identity Manager

Oracle informed customers on Friday that its Identity Manager product is affected by a critical vulnerability that can be easily exploited by malicious actors.

Part of the company’s Oracle Fusion Middleware offering, Identity Manager is an enterprise identity management system that automatically manages user access privileges across all of the organization’s resources.

Oracle Identity Manager is affected by a flaw that allows an unauthenticated attacker with access to the network to take control of the product. The security hole exists due to a default account that can be accessed over HTTP.

The vulnerability, tracked as CVE-2017-10151 and assigned a CVSS score of 10, has been described by Oracle as easy to exploit without any user interaction.

Read more at – Oracle has fixed a critical vulnerability in Identity Manager

Allidm Identity Access Management Post Image

Tags: , ,