Vulnerabilities > Oracle > Identity Manager
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-15 | CVE-2020-2729 | Unspecified vulnerability in Oracle Identity Manager 11.1.2.3.0/12.2.1.3.0 Vulnerability in the Identity Manager product of Oracle Fusion Middleware (component: Advanced Console). | 5.4 |
| 2020-01-15 | CVE-2020-2728 | Unspecified vulnerability in Oracle Identity Manager 12.2.1.3.0 Vulnerability in the Identity Manager product of Oracle Fusion Middleware (component: OIM - LDAP user and role Synch). | 7.5 |
| 2019-07-23 | CVE-2019-2858 | Unspecified vulnerability in Oracle Identity Manager 11.1.2.3.0/12.2.1.3.0 Vulnerability in the Oracle Identity Manager component of Oracle Fusion Middleware (subcomponent: Advanced Console). | 4.3 |
| 2019-06-19 | CVE-2019-2729 | Improper Access Control vulnerability in Oracle products Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services). | 9.8 |
| 2019-04-20 | CVE-2019-11358 | jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. | 6.1 |
| 2018-10-17 | CVE-2018-3179 | Unspecified vulnerability in Oracle Identity Manager 11.1.2.3.0/12.2.1.3.0 Vulnerability in the Oracle Identity Manager component of Oracle Fusion Middleware (subcomponent: Advanced Console). | 7.2 |
| 2018-02-06 | CVE-2017-15095 | Deserialization of Untrusted Data vulnerability in multiple products A deserialization flaw was discovered in the jackson-databind in versions before 2.8.10 and 2.9.1, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. | 9.8 |
| 2017-10-30 | CVE-2017-10151 | Unspecified vulnerability in Oracle Identity Manager Vulnerability in the Oracle Identity Manager component of Oracle Fusion Middleware (subcomponent: Default Account). | 10.0 |
| 2017-04-24 | CVE-2017-3553 | Unspecified vulnerability in Oracle Identity Manager 11.1.2.3.0 Vulnerability in the Oracle Identity Manager component of Oracle Fusion Middleware (subcomponent: Rules Engine). | 9.9 |
| 2016-10-25 | CVE-2016-5506 | Improper Access Control vulnerability in Oracle Identity Manager Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware allows local users to affect confidentiality and integrity via vectors related to App Server. | 3.1 |