Vulnerabilities > Oracle > Identity Manager

DATE CVE VULNERABILITY TITLE RISK
2017-04-24 CVE-2017-3553 Remote Security vulnerability in Oracle Identity Manager 11.1.2.3.0
Vulnerability in the Oracle Identity Manager component of Oracle Fusion Middleware (subcomponent: Rules Engine).
network
low complexity
oracle
7.5
7.5
2016-10-25 CVE-2016-5506 Improper Access Control vulnerability in Oracle Identity Manager
Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware allows local users to affect confidentiality and integrity via vectors related to App Server.
local
oracle CWE-284
3.3
3.3
2014-04-17 CVE-2014-2880 Improper Input Validation vulnerability in Oracle Identity Manager 11.1.2.1.0
Open redirect vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware 11.1.1.5, 11.1.1.7, 11.1.2.1, and 11.1.2.2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the backUrl parameter in a changepwd action to identity/faces/firstlogin.
network
oracle CWE-20
5.8
5.8