3 matches found
CVE-2022-21497
CVE-2022-21497 affects Oracle Web Services Manager (component: Web Services Security) within Oracle Fusion Middleware. Affects 12.2.1.3.0 and 12.2.1.4.0. The vulnerability allows an unauthenticated attacker who can reach the service over HTTP to compromise the product. Exploitation requires human...
CVE-2023-21862
CVE-2023-21862 affects Oracle Web Services Manager (OWSM) within Oracle Fusion Middleware, specifically the XML Security component in version 12.2.1.4.0. The issue stems from insufficient input validation, enabling an unauthenticated attacker with network access via HTTP to compromise OWSM, poten...
CVE-2026-21992
The CVE-2026-21992 vulnerability affects Oracle Fusion Middleware components: Oracle Identity Manager (REST WebServices) and Oracle Web Services Manager (Web Services Security). Affected versions are 12.2.1.4.0 and 14.1.2.1.0. It is exploitable over HTTP without authentication and can lead to tak...