Vulnerabilities > CVE-2015-4912 - Remote Security vulnerability in Oracle Fusion Middleware 11.1.2.2/11.1.2.3
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1.2.2 and 11.1.2.3 allows remote attackers to affect confidentiality via vectors related to SSO Engine.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |
Nessus
NASL family | Misc. |
NASL id | ORACLE_ACCESS_MANAGER_CPU_OCT_2015.NASL |
description | The version of Oracle Access Manager installed on the remote host is affected by an information disclosure vulnerability due to an unspecified flaw in the SSO Engine subcomponent. An unauthenticated, remote attacker can exploit this to disclose sensitive information. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 86478 |
published | 2015-10-21 |
reporter | This script is Copyright (C) 2015-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/86478 |
title | Oracle Access Manager Information Disclosure (October 2015 CPU) |