Vulnerabilities > Oracle > Identity Manager
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-07-21 | CVE-2021-2457 | Unspecified vulnerability in Oracle Identity Manager 11.1.2.3.0 Vulnerability in the Identity Manager product of Oracle Fusion Middleware (component: Request Management & Workflow). | 5.3 |
| 2021-07-21 | CVE-2021-2458 | Unspecified vulnerability in Oracle Identity Manager Vulnerability in the Identity Manager product of Oracle Fusion Middleware (component: Identity Console). | 7.6 |
| 2020-01-15 | CVE-2020-2729 | Unspecified vulnerability in Oracle Identity Manager 11.1.2.3.0/12.2.1.3.0 Vulnerability in the Identity Manager product of Oracle Fusion Middleware (component: Advanced Console). | 5.4 |
| 2020-01-15 | CVE-2020-2728 | Unspecified vulnerability in Oracle Identity Manager 12.2.1.3.0 Vulnerability in the Identity Manager product of Oracle Fusion Middleware (component: OIM - LDAP user and role Synch). | 7.5 |
| 2019-07-23 | CVE-2019-2858 | Unspecified vulnerability in Oracle Identity Manager 11.1.2.3.0/12.2.1.3.0 Vulnerability in the Oracle Identity Manager component of Oracle Fusion Middleware (subcomponent: Advanced Console). | 4.3 |
| 2019-06-19 | CVE-2019-2729 | Improper Access Control vulnerability in Oracle products Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services). | 9.8 |
| 2019-04-20 | CVE-2019-11358 | jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. | 6.1 |
| 2018-10-17 | CVE-2018-3179 | Unspecified vulnerability in Oracle Identity Manager 11.1.2.3.0/12.2.1.3.0 Vulnerability in the Oracle Identity Manager component of Oracle Fusion Middleware (subcomponent: Advanced Console). | 7.2 |
| 2018-02-06 | CVE-2017-15095 | Deserialization of Untrusted Data vulnerability in multiple products A deserialization flaw was discovered in the jackson-databind in versions before 2.8.10 and 2.9.1, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. | 9.8 |
| 2017-10-30 | CVE-2017-10151 | Unspecified vulnerability in Oracle Identity Manager Vulnerability in the Oracle Identity Manager component of Oracle Fusion Middleware (subcomponent: Default Account). | 10.0 |