Advertisement
Top
image credit: Pexels

CISA Warns of Actively Exploited Critical Oracle Fusion Middleware Vulnerability

November 29, 2022

Via: The Hacker News
Category:

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a critical flaw impacting Oracle Fusion Middleware to its Known Exploited Vulnerabilities (KEV) Catalog, citing evidence of active exploitation.

The vulnerability, tracked as CVE-2021-35587, carries a CVSS score of 9.8 and impacts Oracle Access Manager (OAM) versions 11.1.2.3.0, 12.2.1.3.0, and 12.2.1.4.0.

Successful exploitation of the remote command execution bug could enable an unauthenticated attacker with network access to completely compromise and take over Access Manager instances.

Read More on The Hacker News

RELATED PUBLICATIONS

Google fixed critical Chrome vulnerability CVE-2024-4058
Palo Alto Networks Warns of Exploited Firewall Vulnerability
Fortinet Warns of Severe SQLi Vulnerability in FortiClientEMS Software

Latest Publications

Ransomware evolves from mere extortion to ‘psychological attacks’
City of Wichita hit by a ransomware attack
Russian hackers target EU countries using a simple Microsoft Outlook security flaw
Security Curated Copyright © 2024. All rights reserved
Go to ITCurated!