Lucene search

K
OracleAccess Manager

16 matches found

CVE
CVE
added 2020/01/15 5:15 p.m.1231 views

CVE-2020-2555

Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Caching,CacheStore,Invocation). Supported versions that are affected are 3.7.1.0, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 ...

9.8CVSS9.1AI score0.93156EPSS
CVE
CVE
added 2022/01/19 12:15 p.m.720 views

CVE-2021-35587

Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: OpenSSO Agent). Supported versions that are affected are 11.1.2.3.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Orac...

9.8CVSS9.4AI score0.94233EPSS
CVE
CVE
added 2021/04/13 7:15 a.m.517 views

CVE-2021-29425

In Apache Commons IO before 2.7, When invoking the method FileNameUtils.normalize with an improper input string, like "//../foo", or "\..\foo", the result would be the same value, thus possibly providing access to files in the parent directory, but not further above (thus "limited" path traversal),...

5.8CVSS6.7AI score0.00357EPSS
CVE
CVE
added 2019/11/08 3:15 p.m.230 views

CVE-2019-10219

A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack.

6.5CVSS6AI score0.01915EPSS
CVE
CVE
added 2018/04/19 2:29 a.m.64 views

CVE-2018-2739

Vulnerability in the Oracle Access Manager component of Oracle Fusion Middleware (subcomponent: Web Server Plugin). Supported versions that are affected are 10.1.4.3.0, 11.1.2.3.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compro...

9.3CVSS7.5AI score0.02086EPSS
CVE
CVE
added 2018/04/19 2:29 a.m.62 views

CVE-2018-2879

Vulnerability in the Oracle Access Manager component of Oracle Fusion Middleware (subcomponent: Authentication Engine). Supported versions that are affected are 11.1.2.3.0 and 12.2.1.3.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise O...

9CVSS7.8AI score0.44453EPSS
CVE
CVE
added 2022/10/18 9:15 p.m.62 views

CVE-2022-39412

Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: Admin Console). The supported version that is affected is 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Access Manager. Success...

7.5CVSS7.2AI score0.03129EPSS
CVE
CVE
added 2021/07/21 3:15 p.m.58 views

CVE-2021-2358

Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: Rest interfaces for Access Mgr). The supported version that is affected is 11.1.2.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTPS to compromise Oracle Acces...

4.9CVSS5.1AI score0.00616EPSS
CVE
CVE
added 2018/04/19 2:29 a.m.57 views

CVE-2018-2587

Vulnerability in the Oracle Access Manager component of Oracle Fusion Middleware (subcomponent: Web Server Plugin). Supported versions that are affected are 10.1.4.3.0, 11.1.2.3.0 and 12.2.1.3.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to comp...

6.5CVSS6.3AI score0.01612EPSS
CVE
CVE
added 2023/01/18 12:15 a.m.56 views

CVE-2023-21859

Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: Authentication Engine). The supported version that is affected is 12.2.1.4.0. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle Access Manager exec...

4.4CVSS4.2AI score0.00067EPSS
CVE
CVE
added 2018/01/18 2:29 a.m.55 views

CVE-2017-10262

Vulnerability in the Oracle Access Manager component of Oracle Fusion Middleware (subcomponent: Web Server Plugin). The supported version that is affected is 11.1.2.3.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Access Mana...

5.9CVSS6.1AI score0.01323EPSS
CVE
CVE
added 2022/10/18 9:15 p.m.45 views

CVE-2022-39405

Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: Authentication Engine). The supported version that is affected is 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Access Manager....

5.3CVSS5.1AI score0.0077EPSS
CVE
CVE
added 2020/04/15 2:15 p.m.36 views

CVE-2020-2740

Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: Authentication Engine). Supported versions that are affected are 11.1.2.3.0 and 12.2.1.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Ac...

4.9CVSS4.1AI score0.00257EPSS
CVE
CVE
added 2020/04/15 2:15 p.m.36 views

CVE-2020-2747

Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: SSO Engine). Supported versions that are affected are 11.1.2.3.0 and 12.2.1.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Access Manage...

5.4CVSS5AI score0.00255EPSS
CVE
CVE
added 2017/10/19 5:29 p.m.35 views

CVE-2017-10154

Vulnerability in the Oracle Access Manager component of Oracle Fusion Middleware (subcomponent: Web Server Plugin). The supported version that is affected is 11.1.2.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Access Manager...

5.3CVSS4.5AI score0.00508EPSS
CVE
CVE
added 2020/04/15 2:15 p.m.31 views

CVE-2020-2745

Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: Federation). Supported versions that are affected are 11.1.2.3.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Access Manag...

4.3CVSS3.9AI score0.0376EPSS