12 matches found
📄 Oracle Access Manager Unauthenticated Remote Code Execution
This Metasploit module exploits an unauthenticated deserialization of untrusted data vulnerability in the OpenSSO Agent component of the Oracle Access Manager OAM product. The affected product versions are 11.1.2.3.0, 12.2.1.3.0, and 12.2.1.4.0. This module requires Metasploit:...
CVE-2021-35587
Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware component: OpenSSO Agent. Supported versions that are affected are 11.1.2.3.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Orac...
Oracle Access Manager Unknown Vulnerability (Jan 2022 CPU)
The version of Oracle Access Manager installed on the remote host is affected by the following vulnerability as noted in the January 2022 CPU advisory - Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware component: OpenSSO Agent. Supported versions that are affected ar...
Oracle Access Manager is vulnerable to input validation errors
Oracle Access Manager, an Oracle company, provides innovative new services to complement traditional access management functionality.Oracle Access Manager is vulnerable due to an input validation error in the OpenSSO Agent component. An attacker could exploit this vulnerability to execute arbitra...
CVE-2021-35587
Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware component: OpenSSO Agent. Supported versions that are affected are 11.1.2.3.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Orac...
Design/Logic Flaw
Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware component: OpenSSO Agent. Supported versions that are affected are 11.1.2.3.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Orac...
CVE-2021-35587
Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware component: OpenSSO Agent. Supported versions that are affected are 11.1.2.3.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Orac...
CVE-2021-35587
Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware component: OpenSSO Agent. Supported versions that are affected are 11.1.2.3.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Orac...
CVE-2021-35587
CVE-2021-35587 affects Oracle Access Manager (OpenSSO Agent) in Oracle Fusion Middleware. Affected versions: 11.1.2.3.0, 12.2.1.3.0, 12.2.1.4.0. The root cause is unauthenticated deserialization of untrusted data, enabling remote code execution and takeover of Oracle Access Manager. The connected...
Oracle Fusion Middleware 安全漏洞
Oracle Access Manager, an Oracle company, provides innovative new services to complement traditional access management functionality.Oracle Access Manager is vulnerable due to an input validation error in the OpenSSO Agent component. An attacker could exploit this vulnerability to execute arbitra...
Oracle OpenSSO Agent Multiple Vulnerabilities (October 2014 CPU)
The Oracle OpenSSO agent installed on the remote host is missing a vendor-supplied update. It is, therefore, affected by multiple vulnerabilities in the bundled Mozilla Network Security Services, the most serious of which can allow remote code execution. %NASLMINLEVEL 70300 C Tenable Network...
Oracle OpenSSO Agent Detection
Binary data oracleopenssoagentinstalled.nbin...