- Home
- CVEs with nessus.description==The remote host is missing the October 2018 Critical Patch Update for
Oracle Identity Manager. It is, therefore, affected by multiple
vulnerabilities as described in the October 2018 critical patch
update advisory :
- An unspecified vulnerability in the Oracle Identity
Management Suite in the Suite Level Patch Issues
(Apache Log4j) subcomponent could allow an
unauthenticated, remote attacker with network access
via HTTP to compromise Oracle Identity Management Suite.
(CVE-2017-5645)
- An unspecified vulnerability in the Oracle Identity
Manager component of Oracle Fusion Middleware in the
Advanced Console subcomponent could allow an
unauthenticated, remote attacker with network access
via HTTP to compromise Oracle Identity Manager.
(CVE-2018-3179)
- An unspecified vulnerability in the Oracle Identity
Manager component of Oracle Fusion Middleware in the
Installer (jackson-databind) subcomponent could allow
an unauthenticated, remote attacker with network access
via HTTP to compromise Oracle Identity Manager.
(CVE-2017-15095)
Note that Nessus has not tested for these issues but has instead
relied only on the application's self-reported version number.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top