Oracle Fusion Middleware Flaw Flagged by CISA

The bug could allow unauthorized access and takeover, earning it a spot on the Known Exploited Vulnerabilities Catalog.

Dark Reading Staff, Dark Reading

November 29, 2022

1 Min Read
Clouds to illustrate software architecture in the cloud
Source: Artemis Diana via Alamy

A critical bug in Oracle's Fusion Middleware Access Manager has landed on the Cybersecurity and Infrastructure Security Agency's list of known exploited vulnerabilities. 

The critical flaw, tracked under CVE-2021-35587, could allow a threat actor to compromise and take over the Oracle Access Manager.

Oracle's Fusion Middleware is an enterprise cloud platform used by customers that include large telecom carriers and factories, according to its site.

CISA labeled it an an "unspecified" vuln. "Oracle Fusion Middleware Access Manager allows an unauthenticated attacker with network access via HTTP to take over the Access Manager product," CISA warned.

About the Author

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights