Oracle Corporation Access Manager vulnerabilities

CVE-2023-21859 [MEDIUM] CVE-2023-21859: Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: Authentic Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: Authentication Engine). The supported version that is affected is 12.2.1.4.0. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle Access Manager executes to compromise Oracle Access Manager. Successful attacks

CVE-2022-39412 [HIGH] CWE-306 CVE-2022-39412: Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: Admin Con Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: Admin Console). The supported version that is affected is 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Access Manager. Successful attacks of this vulnerability can result in unauth

CVE-2022-39405 [MEDIUM] CWE-284 CVE-2022-39405: Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: Authentic Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: Authentication Engine). The supported version that is affected is 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Access Manager. Successful attacks of this vulnerability can result

CVE-2021-35587 [CRITICAL] CWE-306 CVE-2021-35587: Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: OpenSSO A Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: OpenSSO Agent). Supported versions that are affected are 11.1.2.3.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Access Manager. Successful attacks of this vuln

CVE-2021-2358 [MEDIUM] CVE-2021-2358: Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: Rest inte Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: Rest interfaces for Access Mgr). The supported version that is affected is 11.1.2.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTPS to compromise Oracle Access Manager. Successful attacks of this vulnerability can result

CVE-2020-2740 [MEDIUM] CVE-2020-2740: Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: Authentic Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: Authentication Engine). Supported versions that are affected are 11.1.2.3.0 and 12.2.1.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Access Manager. Successful attacks require human interaction fro

CVE-2020-2747 [MEDIUM] CVE-2020-2747: Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: SSO Engin Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: SSO Engine). Supported versions that are affected are 11.1.2.3.0 and 12.2.1.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Access Manager. Successful attacks require human interaction from a person

CVE-2020-2745 [MEDIUM] CVE-2020-2745: Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: Federatio Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: Federation). Supported versions that are affected are 11.1.2.3.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Access Manager. Successful attacks require human interaction from a person

CVE-2018-2879 [CRITICAL] CVE-2018-2879: Vulnerability in the Oracle Access Manager component of Oracle Fusion Middleware (subcomponent: Auth Vulnerability in the Oracle Access Manager component of Oracle Fusion Middleware (subcomponent: Authentication Engine). Supported versions that are affected are 11.1.2.3.0 and 12.2.1.3.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Access Manager. While the vulnerability is in Oracle A

CVE-2018-2587 [MEDIUM] CVE-2018-2587: Vulnerability in the Oracle Access Manager component of Oracle Fusion Middleware (subcomponent: Web Vulnerability in the Oracle Access Manager component of Oracle Fusion Middleware (subcomponent: Web Server Plugin). Supported versions that are affected are 10.1.4.3.0, 11.1.2.3.0 and 12.2.1.3.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Access Manager. Successful attacks of this vulner

CVE-2017-10262 [MEDIUM] CWE-200 CVE-2017-10262: Vulnerability in the Oracle Access Manager component of Oracle Fusion Middleware (subcomponent: Web Vulnerability in the Oracle Access Manager component of Oracle Fusion Middleware (subcomponent: Web Server Plugin). The supported version that is affected is 11.1.2.3.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Access Manager. Successful attacks of this vulnerability can res

CVE-2017-10154 [MEDIUM] CWE-200 CVE-2017-10154: Vulnerability in the Oracle Access Manager component of Oracle Fusion Middleware (subcomponent: Web Vulnerability in the Oracle Access Manager component of Oracle Fusion Middleware (subcomponent: Web Server Plugin). The supported version that is affected is 11.1.2.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Access Manager. Successful attacks of this vulnerability can result