Oracle

Access Manager

16 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.4

CVE-2023-21859

  • EPSS 0.07%
  • Published 18.01.2023 00:15:14
  • Last modified 21.11.2024 07:43:47

Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: Authentication Engine). The supported version that is affected is 12.2.1.4.0. Easily exploitable vulnerability allows high privileged attacker with logon to ...

5.3

CVE-2022-39405

  • EPSS 0.91%
  • Published 18.10.2022 21:15:15
  • Last modified 21.11.2024 07:18:13

Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: Authentication Engine). The supported version that is affected is 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network acc...

7.5

CVE-2022-39412

  • EPSS 3.67%
  • Published 18.10.2022 21:15:15
  • Last modified 21.11.2024 07:18:14

Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: Admin Console). The supported version that is affected is 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via ...

7.5

CVE-2021-35587

Warning Media report
  • EPSS 94.26%
  • Published 19.01.2022 12:15:09
  • Last modified 13.03.2025 19:55:30

Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: OpenSSO Agent). Supported versions that are affected are 11.1.2.3.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacke...

4

CVE-2021-2358

  • EPSS 0.62%
  • Published 21.07.2021 15:15:25
  • Last modified 21.11.2024 06:02:57

Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: Rest interfaces for Access Mgr). The supported version that is affected is 11.1.2.3.0. Easily exploitable vulnerability allows high privileged attacker with ne...

5.8

CVE-2021-29425

Exploit
  • EPSS 0.48%
  • Published 13.04.2021 07:15:12
  • Last modified 21.11.2024 06:01:04

In Apache Commons IO before 2.7, When invoking the method FileNameUtils.normalize with an improper input string, like "//../foo", or "\\..\foo", the result would be the same value, thus possibly providing access to files in the parent directory, but ...

4.3

CVE-2020-2745

  • EPSS 3.76%
  • Published 15.04.2020 14:15:24
  • Last modified 21.11.2024 05:26:08

Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: Federation). Supported versions that are affected are 11.1.2.3.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network ...

5.4

CVE-2020-2747

  • EPSS 0.26%
  • Published 15.04.2020 14:15:24
  • Last modified 21.11.2024 05:26:09

Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: SSO Engine). Supported versions that are affected are 11.1.2.3.0 and 12.2.1.3.0. Easily exploitable vulnerability allows low privileged attacker with network a...

4.9

CVE-2020-2740

  • EPSS 0.26%
  • Published 15.04.2020 14:15:23
  • Last modified 21.11.2024 05:26:07

Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: Authentication Engine). Supported versions that are affected are 11.1.2.3.0 and 12.2.1.3.0. Easily exploitable vulnerability allows low privileged attacker wit...

9.8

CVE-2020-2555

Warning Exploit
  • EPSS 93.16%
  • Published 15.01.2020 17:15:17
  • Last modified 14.02.2025 16:47:18

Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Caching,CacheStore,Invocation). Supported versions that are affected are 3.7.1.0, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows una...