Security News > 2017 > October > Highly Critical Flaw (CVSS Score 10) Lets Hackers Hijack Oracle Identity Manager
2017-10-31 01:01
A highly critical vulnerability has been discovered in Oracle's enterprise identity management system that can be easily exploited by remote, unauthenticated attackers to take full control over the affected systems. The critical vulnerability tracked as CVE-2017-10151, has been assigned the highest CVSS score of 10 and is easy to exploit without any user interaction, Oracle said in its
News URL
http://feedproxy.google.com/~r/TheHackersNews/~3/pst7AeTa37k/oracle-identity-manager.html
Related news
- Hackers Exploiting Critical Fortinet EMS Vulnerability to Deploy Remote Access Tools (source)
- Critical SQL Injection Vulnerability in Apache Traffic Control Rated 9.9 CVSS — Patch Now (source)
- CISA warns of critical Oracle, Mitel flaws exploited in attacks (source)
- CISA Flags Critical Flaws in Mitel and Oracle Systems Amid Active Exploitation (source)
- Hackers exploit critical Aviatrix Controller RCE flaw in attacks (source)
- Cisco Fixes Critical Privilege Escalation Flaw in Meeting Management (CVSS 9.9) (source)
- Hackers exploit critical unpatched flaw in Zyxel CPE devices (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-10-30 | CVE-2017-10151 | Unspecified vulnerability in Oracle Identity Manager Vulnerability in the Oracle Identity Manager component of Oracle Fusion Middleware (subcomponent: Default Account). | 10.0 |