Lucene search
OracleCVELIST:CVE-2017-10151HistoryOct 30, 2017 - 8:00 p.m.
CVE-2017-10151
2017-10-3020:00:00
oracle
www.cve.org
Vulnerability in the Oracle Identity Manager component of Oracle Fusion Middleware (subcomponent: Default Account). Supported versions that are affected are 11.1.1.7, 11.1.2.3 and 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Identity Manager. While the vulnerability is in Oracle Identity Manager, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Identity Manager. CVSS 3.0 Base Score 10.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H).
CNA Affected
[
{
"product": "Identity Manager",
"vendor": "Oracle Corporation",
"versions": [
{
"status": "affected",
"version": "11.1.1.7"
},
{
"status": "affected",
"version": "11.1.2.3"
},
{
"status": "affected",
"version": "12.2.1.3"
}
]
}
]Related
threatpost
threatpost
Emergency Oracle Patch Closes Bug Rated 10 in Severity
2017-10-31 12:48:37
cisa
cisa
Oracle Releases Security Bulletin
2017-10-30 00:00:00
checkpoint_advisories
checkpoint_advisories
Oracle Identity Manager Authentication Bypass (CVE-2017-10151)
2017-11-05 00:00:00
cve
cve
CVE-2017-10151
2017-10-30 20:29:00
prion
prion
Buffer overflow
2017-10-30 20:29:00
nvd
nvd
CVE-2017-10151
2017-10-30 20:29:00
nessus
nessus
Oracle Identity Manager Default Account Local Check (CVE-2017-10151)
2017-11-01 00:00:00
thn
thn