Oracle Fusion Middleware Security Flaw Exploited in the Wild

23

The US Cybersecurity and Infrastructure Security Agency (CISA) on Monday warned organisations that a critical Oracle Fusion Middleware vulnerability patched in early 2022 is being exploited in attacks.

The Oracle Fusion Middleware single sign-on (SSO) solution, provided by Oracle Access Manager, is affected by the security flaw, tracked as CVE-2021-35587. The researchers who discovered the vulnerability claim that many significant companies, including VMware, Huawei, and Qualcomm, use the impacted product.

Also Read: Reasons why Cybersecurity Mesh Architecture Has Become a Necessity for Modern Enterprises

An unauthenticated attacker with network access via HTTP could use the flaw, which affects the OpenSSO Agent component, to take control of Oracle Access Manager. When Oracle released its Critical Patch Updates in January 2022, the company also announced a patch.

Read More: Oracle Fusion Middleware Vulnerability Exploited in the Wild

For more such updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates.